
NSE7_OTS-7.2 Questions and Answers

Question # 6

Refer to the exhibit.

The IPS profile is added on all of the security policies on FortiGate.

For an OT network, which statement of the IPS profile is true?

A. FortiGate has no IPS industrial signature database enabled.

B. The listed IPS signatures are classified as SCADA equipment.

C. All IPS signatures are overridden and must block traffic that matches signature patterns.

D. The IPS profile inspects only traffic originating from SCADA equipment.

Question # 7

Refer to the exhibit.

In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.

Which statement about the topology is true?

A. PLCs use the IEEE 802.1Q protocol to communicate with each other.

B. An administrator can create firewall policies in the switch to secure traffic between PLCs.

C. This integration solution expands VLAN capabilities from Layer 2 to Layer 3.

D. There is no micro-segmentation in this topology.

Question # 8

When you create a user or host profile, which three criteria can you use? (Choose three.)

A. Host or user group memberships

B. Administrative group membership

C. An existing access control policy

D. Location

E. Host or user attributes

Question # 9

The OT network analyst runs different levels of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these types of exploits of image firmware files?

A. CMDB reports

B. Threat hunting reports

C. Compliance reports

D. OT/IoT reports

Question # 10

What is the primary objective of implementing SD-WAN in operational technology (OT) networks?

A. Reduce security risk and threat attacks

B. Remove centralized network security policies

C. Enhance network performance of OT applications

D. Replace standard links with lower cost connections

Question # 11

As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect protocols from PLCs.

Which security sensor must you implement to detect protocols on the OT network?

A. Endpoint Detection and Response (EDR)

B. Deep packet inspection (DPI)

C. Intrusion prevention system (IPS)

D. Application control (AC)

Question # 12

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.

Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

A. You must set the correct operator in the event handler to trigger an event.

B. You can automate SOC tasks through playbooks.

C. Each playbook can include multiple triggers.

D. You cannot use Windows and Linux hosts security events with FortiSoC.

Question # 13

Which three methods of communication are used by FortiNAC to gather visibility information? (Choose three.)

A. SNMP

B. ICMP

C. API

D. RADIUS

E. TACACS

Question # 14

As an OT administrator, it is important to understand how industrial protocols work in an OT network.

Which communication method is used by the Modbus protocol?

A. It uses OSI Layer 2 and the primary device sends data based on request from secondary device.

B. It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

C. It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.

D. It uses OSI Layer 2 and the secondary device sends data based on request from primary device.

Question # 15

Refer to the exhibit.

Which statement is true about application control inspection?

A. The industrial application control inspection process is unique among application categories.

B. Security actions cannot be applied on the lowest level of the hierarchy.

C. You can control security actions only on the parent-level application signature.

D. The parent signature takes precedence over the child application signature.

Question # 16

Refer to the exhibit.

An OT architect has implemented Modbus TCP with the simulation server Conpot to identify and control the Modbus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.

Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

A. The FortiGate-Edge device must be in NAT mode.

B. NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.

C. The FortiGate device is in offline IDS mode.

D. Port5 is not a member of the software switch.

Question # 17

An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.

Which step must the administrator take to achieve this task?

A. Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.

B. Create a notification policy and define a script/remediation on FortiSIEM.

C. Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.

D. Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.

Question # 18

An OT supervisor has configured LDAP and FSSO for authentication. The goal is for all users to be authenticated with passive authentication first and, if passive authentication is not successful, to be challenged with active authentication.

What should the OT supervisor do to achieve this on FortiGate?

A. Configure a firewall policy with LDAP users and place it at the top of the list of firewall policies.

B. Enable two-factor authentication with FSSO.

C. Configure a firewall policy with FSSO users and place it at the top of the list of firewall policies.

D. Under config user settings configure set auth-on-demand implicit.

Question # 19

Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

A. FortiGate receives traffic from configured port mirroring.

B. Network traffic goes through FortiGate.

C. FortiGate acts as a network sensor.

D. Network attacks can be detected and blocked.

Question # 20

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

A. A supervisor must purchase an industrial signature database and import it to the FortiGate.

B. An administrator must create their own database using custom signatures.

C. By default, the industrial database is enabled.

D. A supervisor can enable it through the FortiGate CLI.
