Weekend Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dumps65

DumpsWrap Logo

Fortinet NSE7_OTS-7.2 Dumps

Page: 1 / 7
Total 69 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF

Fortinet NSE 7 - OT Security 7.2 Questions and Answers

Question 1

As an OT administrator, it is important to understand how industrial protocols work in an OT network.

Which communication method is used by the Modbus protocol?

Options:

A.

It uses OSI Layer 2 and the primary device sends data based on request from secondary device.

B.

It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

C.

It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.

D.

It uses OSI Layer 2 and the secondary device sends data based on request from primary device.

Question 2

Refer to the exhibit.

as

You are creating a new operational technology (OT) rule to monitor Modbus protocol traffic on FortiSIEM

Which action must you take to ensure that all Modbus messages on the network match the rule?

Options:

A.

Add a new condition to filter Modbus traffic based on the source TCP/UDP port

B.

The condition on the SubPattern filter must use the AND logical operator

C.

the Aggregate section, set the attribute value to equal to or greater than 0

D.

In the Group By section remove all attributes that are not configured in the Filter section

Question 3

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

Options:

A.

FortiSIEM

B.

FortiManager

C.

FortiAnalyzer

D.

FortiGate

E.

FortiNAC

Question 4

When you create a user or host profile, which three criteria can you use? (Choose three.)

Options:

A.

Host or user group memberships

B.

Administrative group membership

C.

An existing access control policy

D.

Location

E.

Host or user attributes

Question 5

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

Options:

A.

Known trusted devices, each time they change location

B.

All connected devices, each time they connect

C.

Rogue devices, only when they connect for the first time

D.

Rogue devices, each time they connect

Question 6

Refer to the exhibits.

as

Which statement is true about the traffic passing through to PLC-2?

Options:

A.

IPS must be enabled to inspect application signatures.

B.

The application filter overrides the default action of some IEC 104 signatures.

C.

IEC 104 signatures are all allowed except the C.BO.NA 1 signature.

D.

SSL Inspection must be set to deep-inspection to correctly apply application control.

Question 7

What can be assigned using network access control policies?

Options:

A.

Layer 3 polling intervals

B.

FortiNAC device polling methods

C.

Logical networks

D.

Profiling rules

Question 8

What triggers Layer 2 polling of infrastructure devices connected in the network?

Options:

A.

A failed Layer 3 poll

B.

A matched security policy

C.

A matched profiling rule

D.

A linkup or linkdown trap

Question 9

An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.

On which device can this be accomplished?

Options:

A.

FortiGate

B.

FortiEDR

C.

FortiSwitch

D.

FortiNAC

Question 10

With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?

Options:

A.

Each traffic VDOM must have a direct connection to FortiGuard services to receive the required security updates.

B.

The management VDOM must have access to all global security services.

C.

Each VDOM must have an independent security license.

D.

Traffic between VDOMs must pass through the physical interfaces of FortiGate to check for security incidents.

Question 11

The OT network analyst run different level of reports to quickly explore failures that could put the network at risk. Such reports can be about device performance. Which FortiSIEM reporting method helps to identify device failures?

Options:

A.

Business service reports

B.

Device inventory reports

C.

CMDB operational reports

D.

Active dependent rules reports

Question 12

Refer to the exhibit.

as

Which statement about the interfaces shown in the exhibit is true?

Options:

A.

port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.

B.

The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.

C.

port1-vlan10 and port2-vlan10 are part of the same broadcast domain

D.

port1, port1-vlan10, and port1-vlan1 are in different broadcast domains

Question 13

Operational technology (OT) network analysts run different levels of reports to identify failures that could put the network at risk Some of these reports may be related to device performance

Which FortiSIEM reporting method helps identify device failures?

Options:

A.

Device inventory reports

B.

Payment card industry (PCI) logging reports

C.

Configuration management database (CMDB) operational reports

D.

Business service reports

Question 14

Refer to the exhibit

as

In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.

Which statement about the topology is true?

Options:

A.

PLCs use IEEE802.1Q protocol to communicate each other.

B.

An administrator can create firewall policies in the switch to secure between PLCs.

C.

This integration solution expands VLAN capabilities from Layer 2 to Layer 3.

D.

There is no micro-segmentation in this topology.

Question 15

Refer to the exhibit.

as

In order for a FortiGate device to act as router on a stick, what configuration must an OT network architect implement on FortiGate to achieve inter-VLAN routing?

Options:

A.

Set a unique forward domain on each interface on the network.

B.

Set FortiGate to operate in transparent mode.

C.

Set a software switch on FortiGate to handle inter-VLAN traffic.

D.

Set a FortiGate interface with the switch to operate as an 802.1 q trunk.

Question 16

in an operation technology (OT) network FortiAnalyzer is used to receive and process logs from responsible FortiGate devices

Which statement about why FortiAnalyzer is receiving and processing multiple tog messages from a given programmable logic controller (PLC) or remote terminal unit (RTU) is true'?

Options:

A.

To determine which type of messages from the PLC or RTU causes issues in the plant

B.

To isolate PLCs or RTUs in the event of external attacks

C.

To help OT administrators troubleshoot and diagnose the OT network

D.

To track external threats and prevent them attacking the OT network

Question 17

A FortiGate device is newly deployed as the edge gateway of an OT network security fabric. The downstream FortiGate devices are also newly deployed as Security Fabric leafs to protect the control area zone.

With no additional essential networking devices, and to implement micro-segmentation on this OT network, what configuration must the OT network architect apply to control intra-VLAN traffic?

Options:

A.

Enable transparent mode on the edge FortiGate device.

B.

Enable security profiles on all interfaces connected in the control area zone.

C.

Set up VPN tunnels between downstream and edge FortiGate devices.

D.

Create a software switch on each downstream FortiGate device.

Question 18

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site.

Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources.

As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?

Options:

A.

Configure outbound security policies with limited active authentication users of the third-party company.

B.

Create VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.

C.

Split the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.

D.

Implement an additional firewall using an additional upstream link to the internet.

Question 19

Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)

Options:

A.

FortiNAC

B.

FortiManager

C.

FortiAnalyzer

D.

FortiSIEM

E.

FortiGate

Question 20

As an OT network administrator you are required to generate reports that primarily use the same type of data sent to FortiSlEM These reports are based on the preloaded analytic searches

Which two actions can you take on FortiSlEM to enhance running reports for future use? (Choose two.)

Options:

A.

Automate running these reports upon receiving new logs

B.

Export the preloaded analytics searches to an external syslog server

C.

Create custom reports to process additional analytic searches

D.

Save the analytic searches and turn them into report definitions

Load More NSE7_OTS-7.2 Questions
Page: 1 / 7
Total 69 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF