ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_OTS-7.2

Fortinet NSE7_OTS-7.2 Practice Test - Questions Answers, Page 2

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site. Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources. As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?
Refer to the exhibit. You are assigned to implement a remote authentication server in the OT network. Which part of the hierarchy should the authentication server be part of?
To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?
An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network. What statement about the traffic between PLC1 and PLC2 is true?
As an OT administrator, it is important to understand how industrial protocols work in an OT network. Which communication method is used by the Modbus protocol?
An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM. Which step must the administrator take to achieve this task?
With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?
As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs. Which security sensor must implement to detect these types of industrial exploits?
Which three common breach points can be found in a typical OT environment? (Choose three.)
Refer to the exhibit. An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01. Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

Question 11

Report
Export
Collapse

An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.

Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

A.
FortiSIEM and FortiManager
A.
FortiSIEM and FortiManager
Answers
B.
FortiSandbox and FortiSIEM
B.
FortiSandbox and FortiSIEM
Answers
C.
FortiSOAR and FortiSIEM
C.
FortiSOAR and FortiSIEM
Answers
D.
A syslog server and FortiSIEM
D.
A syslog server and FortiSIEM
Answers
Suggested answer: C

Question 12

Report
Export
Collapse

Refer to the exhibit.

You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.

What must you do to achieve this objective?

A.
You must use a FortiAuthenticator.
A.
You must use a FortiAuthenticator.
Answers
B.
You must register the same FortiToken on more than one FortiGate.
B.
You must register the same FortiToken on more than one FortiGate.
Answers
C.
You must use the user self-registration server.
C.
You must use the user self-registration server.
Answers
D.
You must use a third-party RADIUS OTP server.
D.
You must use a third-party RADIUS OTP server.
Answers
Suggested answer: A

Question 13

Report
Export
Collapse

An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.

What should the OT supervisor do to achieve this on FortiGate?

A.
Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.
A.
Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.
Answers
B.
Enable two-factor authentication with FSSO.
B.
Enable two-factor authentication with FSSO.
Answers
C.
Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
C.
Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
Answers
D.
Under config user settings configure set auth-on-demand implicit.
D.
Under config user settings configure set auth-on-demand implicit.
Answers
Suggested answer: C

Explanation:

The OT supervisor should configure a firewall policy with FSSO users and place it on the top of list of firewall policies in order to achieve the goal of authenticating users against passive authentication first and, if passive authentication is not successful, then challenging them with active authentication.

Question 14

Report
Export
Collapse

An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.

On which device can this be accomplished?

A.
FortiGate
A.
FortiGate
Answers
B.
FortiEDR
B.
FortiEDR
Answers
C.
FortiSwitch
C.
FortiSwitch
Answers
D.
FortiNAC
D.
FortiNAC
Answers
Suggested answer: A

Explanation:

An OT network architect can accomplish the goal of securing control area zones with a single network access policy to provision devices to any number of different networks on a FortiGate device.

Question 15

Report
Export
Collapse

Refer to the exhibit.

Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)

A.
Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.
A.
Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.
Answers
B.
Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with a pair of FortiSwitch devices.
B.
Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with a pair of FortiSwitch devices.
Answers
C.
IT and OT networks are separated by segmentation.
C.
IT and OT networks are separated by segmentation.
Answers
D.
FortiGate-3 and FortiGate-4 devices must be in a transparent mode.
D.
FortiGate-3 and FortiGate-4 devices must be in a transparent mode.
Answers
Suggested answer: A, C

Question 16

Report
Export
Collapse

Which three methods of communication are used by FortiNAC to gather visibility information? (Choose three.)

A.
SNMP
A.
SNMP
Answers
B.
ICMP
B.
ICMP
Answers
C.
API
C.
API
Answers
D.
RADIUS
D.
RADIUS
Answers
E.
TACACS
E.
TACACS
Answers
Suggested answer: A, C, D

Question 17

Report
Export
Collapse

An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network.

What statement about the traffic between PLC1 and PLC2 is true?

A.
The Layer 2 switch rewrites VLAN tags before sending traffic to the FortiGate device.
A.
The Layer 2 switch rewrites VLAN tags before sending traffic to the FortiGate device.
Answers
B.
The Layer 2 switches routes any traffic to the FortiGate device through an Ethernet link.
B.
The Layer 2 switches routes any traffic to the FortiGate device through an Ethernet link.
Answers
C.
PLC1 and PLC2 traffic must flow through the Layer-2 switch trunk link to the FortiGate device.
C.
PLC1 and PLC2 traffic must flow through the Layer-2 switch trunk link to the FortiGate device.
Answers
D.
In order to communicate, PLC1 must be in the same VLAN as PLC2.
D.
In order to communicate, PLC1 must be in the same VLAN as PLC2.
Answers
Suggested answer: C

Explanation:

The statement that is true about the traffic between PLC1 and PLC2 is that PLC1 and PLC2 traffic must flow through the Layer-2 switch trunk link to the FortiGate device.

Question 18

Report
Export
Collapse

An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.

Which step must the administrator take to achieve this task?

A.
Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.
A.
Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.
Answers
B.
Create a notification policy and define a script/remediation on FortiSIEM.
B.
Create a notification policy and define a script/remediation on FortiSIEM.
Answers
C.
Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.
C.
Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.
Answers
D.
Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.
D.
Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.
Answers
Suggested answer: B

Explanation:

https://fusecommunity.fortinet.com/blogs/silviu/2022/04/12/fortisiempublishingscript

Question 19

Report
Export
Collapse

When you create a user or host profile, which three criteria can you use? (Choose three.)

A.
Host or user group memberships
A.
Host or user group memberships
Answers
B.
Administrative group membership
B.
Administrative group membership
Answers
C.
An existing access control policy
C.
An existing access control policy
Answers
D.
Location
D.
Location
Answers
E.
Host or user attributes
E.
Host or user attributes
Answers
Suggested answer: A, D, E

Explanation:

https://docs.fortinet.com/document/fortinac/9.2.0/administration-guide/15797/user-host-profiles

Question 20

Report
Export
Collapse

Refer to the exhibit, which shows a non-protected OT environment.

An administrator needs to implement proper protection on the OT network.

Which three steps should an administrator take to protect the OT network? (Choose three.)

A.
Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.
A.
Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.
Answers
B.
Deploy a FortiGate device within each ICS network.
B.
Deploy a FortiGate device within each ICS network.
Answers
C.
Configure firewall policies with web filter to protect the different ICS networks.
C.
Configure firewall policies with web filter to protect the different ICS networks.
Answers
D.
Configure firewall policies with industrial protocol sensors
D.
Configure firewall policies with industrial protocol sensors
Answers
E.
Use segmentation
E.
Use segmentation
Answers
Suggested answer: A, C, D
Total 62 questions
Go to page: of 7
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms