ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_OTS-7.2

Fortinet NSE7_OTS-7.2 Practice Test - Questions Answers, Page 3

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site. Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources. As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?
Refer to the exhibit. You are assigned to implement a remote authentication server in the OT network. Which part of the hierarchy should the authentication server be part of?
To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?
As an OT administrator, it is important to understand how industrial protocols work in an OT network. Which communication method is used by the Modbus protocol?
An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network. What statement about the traffic between PLC1 and PLC2 is true?
An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM. Which step must the administrator take to achieve this task?
With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?
Which three common breach points can be found in a typical OT environment? (Choose three.)
As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs. Which security sensor must implement to detect these types of industrial exploits?
Refer to the exhibit. An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01. Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

Question 21

Report
Export
Collapse

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.

What is a possible reason?

A.
FortiGate determined the user by passive authentication
A.
FortiGate determined the user by passive authentication
Answers
B.
The user was determined by Security Fabric
B.
The user was determined by Security Fabric
Answers
C.
Two-factor authentication is not configured with RADIUS authentication method
C.
Two-factor authentication is not configured with RADIUS authentication method
Answers
D.
FortiNAC determined the user by DHCP fingerprint method
D.
FortiNAC determined the user by DHCP fingerprint method
Answers
Suggested answer: A

Question 22

Report
Export
Collapse

Refer to the exhibit.

Given the configurations on the FortiGate, which statement is true?

A.
FortiGate is configured with forward-domains to reduce unnecessary traffic.
A.
FortiGate is configured with forward-domains to reduce unnecessary traffic.
Answers
B.
FortiGate is configured with forward-domains to forward only domain controller traffic.
B.
FortiGate is configured with forward-domains to forward only domain controller traffic.
Answers
C.
FortiGate is configured with forward-domains to forward only company domain website traffic.
C.
FortiGate is configured with forward-domains to forward only company domain website traffic.
Answers
D.
FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.
D.
FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.
Answers
Suggested answer: A

Question 23

Report
Export
Collapse

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.

Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

A.
You must set correct operator in event handler to trigger an event.
A.
You must set correct operator in event handler to trigger an event.
Answers
B.
You can automate SOC tasks through playbooks.
B.
You can automate SOC tasks through playbooks.
Answers
C.
Each playbook can include multiple triggers.
C.
Each playbook can include multiple triggers.
Answers
D.
You cannot use Windows and Linux hosts security events with FortiSoC.
D.
You cannot use Windows and Linux hosts security events with FortiSoC.
Answers
Suggested answer: A, B

Explanation:

Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc

Question 24

Report
Export
Collapse

You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.

Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

A.
Security
A.
Security
Answers
B.
IPS
B.
IPS
Answers
C.
List
C.
List
Answers
D.
Risk
D.
Risk
Answers
E.
Overview
E.
Overview
Answers
Suggested answer: C, D, E

Question 25

Report
Export
Collapse

Refer to the exhibit.

Which statement about the interfaces shown in the exhibit is true?

A.
port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.
A.
port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.
Answers
B.
The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.
B.
The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.
Answers
C.
port1-vlan10 and port2-vlan10 are part of the same broadcast domain
C.
port1-vlan10 and port2-vlan10 are part of the same broadcast domain
Answers
D.
port1, port1-vlan10, and port1-vlan1 are in different broadcast domains
D.
port1, port1-vlan10, and port1-vlan1 are in different broadcast domains
Answers
Suggested answer: D

Question 26

Report
Export
Collapse

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

A.
Known trusted devices, each time they change location
A.
Known trusted devices, each time they change location
Answers
B.
All connected devices, each time they connect
B.
All connected devices, each time they connect
Answers
C.
Rogue devices, only when they connect for the first time
C.
Rogue devices, only when they connect for the first time
Answers
D.
Rogue devices, each time they connect
D.
Rogue devices, each time they connect
Answers
Suggested answer: C

Question 27

Report
Export
Collapse

What two advantages does FortiNAC provide in the OT network? (Choose two.)

A.
It can be used for IoT device detection.
A.
It can be used for IoT device detection.
Answers
B.
It can be used for industrial intrusion detection and prevention.
B.
It can be used for industrial intrusion detection and prevention.
Answers
C.
It can be used for network micro-segmentation.
C.
It can be used for network micro-segmentation.
Answers
D.
It can be used for device profiling.
D.
It can be used for device profiling.
Answers
Suggested answer: A, D

Explanation:

Typically, in a microsegmented network, NGFWs are used in conjunction with VLANs to implement security policies and to inspect and filter network communications. Fortinet FortiSwitch and FortiGate NGFW offer an integrated approach to microsegmentation.

Question 28

Report
Export
Collapse

What triggers Layer 2 polling of infrastructure devices connected in the network?

A.
A failed Layer 3 poll
A.
A failed Layer 3 poll
Answers
B.
A matched security policy
B.
A matched security policy
Answers
C.
A matched profiling rule
C.
A matched profiling rule
Answers
D.
A linkup or linkdown trap
D.
A linkup or linkdown trap
Answers
Suggested answer: D

Question 29

Report
Export
Collapse

An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.

What are two possible reasons why the report output was empty? (Choose two.)

A.
The administrator selected the wrong logs to be indexed in FortiAnalyzer.
A.
The administrator selected the wrong logs to be indexed in FortiAnalyzer.
Answers
B.
The administrator selected the wrong time period for the report.
B.
The administrator selected the wrong time period for the report.
Answers
C.
The administrator selected the wrong devices in the Devices section.
C.
The administrator selected the wrong devices in the Devices section.
Answers
D.
The administrator selected the wrong hcache table for the report.
D.
The administrator selected the wrong hcache table for the report.
Answers
Suggested answer: B, C

Explanation:

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/32cb817d-a307-11eb-b70b-00505692583a/FortiAnalyzer-7.0.0-Administration_Guide.pdf

Question 30

Report
Export
Collapse

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

A.
A supervisor must purchase an industrial signature database and import it to the FortiGate.
A.
A supervisor must purchase an industrial signature database and import it to the FortiGate.
Answers
B.
An administrator must create their own database using custom signatures.
B.
An administrator must create their own database using custom signatures.
Answers
C.
By default, the industrial database is enabled.
C.
By default, the industrial database is enabled.
Answers
D.
A supervisor can enable it through the FortiGate CLI.
D.
A supervisor can enable it through the FortiGate CLI.
Answers
Suggested answer: D
Total 62 questions
Go to page: of 7
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms