Fortinet NSE 7 - OT Security 7.2 Questions and Answers
Refer to the exhibit and analyze the output.
Which statement about the output is true?
Refer to the exhibit.
Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)
Refer to the exhibits.
Which statement about some of the generated report elements from FortiAnalyzer is true?
The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?
When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?
An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.
What is a possible reason?
An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.
Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?
Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)
in an operation technology (OT) network FortiAnalyzer is used to receive and process logs from responsible FortiGate devices
Which statement about why FortiAnalyzer is receiving and processing multiple tog messages from a given programmable logic controller (PLC) or remote terminal unit (RTU) is true'?
Refer to the exhibit.
You are assigned to implement a remote authentication server in the OT network.
Which part of the hierarchy should the authentication server be part of?
Refer to the exhibit.
An operational technology rule is created and successfully activated to monitor the Modbus protocol on FortiSIEM. However, the rule does not trigger incidents despite Modbus traffic and application logs being received correctly by FortiSIEM.
Which statement correctly describes the issue on the rule configuration?
What two advantages does FortiNAC provide in the OT network? (Choose two.)
What can be assigned using network access control policies?
Which three common breach points can you find in a typical OT environment? (Choose three.)
Operational technology (OT) network analysts run different levels of reports to identify failures that could put the network at risk Some of these reports may be related to device performance
Which FortiSIEM reporting method helps identify device failures?
To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?
An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.
What are two possible reasons why the report output was empty? (Choose two.)
An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network.
What statement about the traffic between PLC1 and PLC2 is true?
Refer to the exhibits.
Which statement is true about the traffic passing through to PLC-2?
What is the primary objective of implementing SD-WAN in operational technology (OT) networks'?
