NSE7_OTS-7.2 Sample Questions Answers

Questions 4

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.

Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

Options:

A. You must set the correct operator in the event handler to trigger an event.

B. You can automate SOC tasks through playbooks.

C. Each playbook can include multiple triggers.

D. You cannot use Windows and Linux hosts security events with FortiSoC.

Questions 5

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

Options:

A. FortiSIEM

B. FortiManager

C. FortiAnalyzer

D. FortiGate

E. FortiNAC

Questions 6

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Options:

A. Planning a threat hunting strategy

B. Implementing strategies to automatically bring PLCs offline

C. Creating disaster recovery plans to switch operations to a backup plant

D. Evaluating what can go wrong before it happens

Questions 7

Refer to the exhibits.

Which statement about some of the generated report elements from FortiAnalyzer is true?

Options:

A. The report confirms Modbus and IEC 104 are the key applications crossing the network.

B. FortiGate collects the logs and generates the report to FortiAnalyzer.

C. The file types confirm the infected applications on the PLCs.

D. This report is predefined and is not available for customization.

Questions 8

Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

Options:

A. FortiGate receives traffic from configured port mirroring.

B. Network traffic goes through FortiGate.

C. FortiGate acts as a network sensor.

D. Network attacks can be detected and blocked.

Questions 9

Refer to the exhibit.

An OT architect has implemented Modbus TCP with the simulation server Conpot to identify and control the Modbus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.

Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

Options:

A. The FortiGate-Edge device must be in NAT mode.

B. NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.

C. The FortiGate device is in offline IDS mode.

D. Port5 is not a member of the software switch.

Questions 10

An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positives. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.

Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

Options:

A. FortiSIEM and FortiManager

B. FortiSandbox and FortiSIEM

C. FortiSOAR and FortiSIEM

D. A syslog server and FortiSIEM

Questions 11

The OT network analyst runs different levels of reports to quickly explore failures that could put the network at risk. Such reports can be about device performance. Which FortiSIEM reporting method helps to identify device failures?

Options:

A. Business service reports

B. Device inventory reports

C. CMDB operational reports

D. Active dependent rules reports

Questions 12

Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)

Options:

A. Services defined in the firewall policy.

B. Source defined as internet services in the firewall policy

C. Lowest to highest policy ID number

D. Destination defined as internet services in the firewall policy

E. Highest to lowest priority defined in the firewall policy

Questions 13

To increase security protection in an OT network, how does application control on FortiGate detect industrial traffic?

Options:

A. By inspecting software and software-based vulnerabilities

B. By inspecting applications only on nonprotected traffic

C. By inspecting applications with more granularity by inspecting subapplication traffic

D. By inspecting protocols used in the application traffic

Questions 14

Which two frameworks are common to secure ICS industrial processes, including SCADA and DCS? (Choose two.)

Options:

A. Modbus

B. NIST Cybersecurity

C. IEC 62443

D. IEC104

Questions 15

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted for credentials during authentication.

What is a possible reason?

Options:

A. FortiGate determined the user by passive authentication

B. The user was determined by Security Fabric

C. Two-factor authentication is not configured with RADIUS authentication method

D. FortiNAC determined the user by DHCP fingerprint method

Questions 16

Refer to the exhibit.

An operational technology rule is created and successfully activated to monitor the Modbus protocol on FortiSIEM. However, the rule does not trigger incidents despite Modbus traffic and application logs being received correctly by FortiSIEM.

Which statement correctly describes the issue on the rule configuration?

Options:

A. The first condition on the SubPattern filter must use the OR logical operator.

B. The attributes in the Group By section must match the ones in Filters section.

C. The Aggregate attribute COUNT expression is incompatible with the filters.

D. The SubPattern is missing the filter to match the Modbus protocol.

Questions 17

You are investigating a series of incidents that occurred in the OT network over the past 24 hours in FortiSIEM.

Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

Options:

A. Security

B. IPS

C. List

D. Risk

E. Overview

Questions 18

Refer to the exhibit.

Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)

Options:

A. Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.

B. Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with a pair of FortiSwitch devices.

C. IT and OT networks are separated by segmentation.

D. FortiGate-3 and FortiGate-4 devices must be in a transparent mode.

Exam Code: NSE7_OTS-7.2
Exam Name: Fortinet NSE 7 - OT Security 7.2
Last Update: May 6, 2024
Questions: 62