ExamGecko
Login
Home / Fortinet / NSE7_OTS-7.2 / List of questions
Ask Question

Fortinet NSE7_OTS-7.2 Practice Test - Questions Answers, Page 3

Add to Whishlist

List of questions

Question 21

Report Export Collapse

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.

What is a possible reason?

FortiGate determined the user by passive authentication
FortiGate determined the user by passive authentication
The user was determined by Security Fabric
The user was determined by Security Fabric
Two-factor authentication is not configured with RADIUS authentication method
Two-factor authentication is not configured with RADIUS authentication method
FortiNAC determined the user by DHCP fingerprint method
FortiNAC determined the user by DHCP fingerprint method
Suggested answer: A
asked 18/09/2024
Joel Hernandez
49 questions

Question 22

Report Export Collapse

Refer to the exhibit.

Fortinet NSE7_OTS-7.2 image Question 22 27101 09182024190808000000

Given the configurations on the FortiGate, which statement is true?

FortiGate is configured with forward-domains to reduce unnecessary traffic.
FortiGate is configured with forward-domains to reduce unnecessary traffic.
FortiGate is configured with forward-domains to forward only domain controller traffic.
FortiGate is configured with forward-domains to forward only domain controller traffic.
FortiGate is configured with forward-domains to forward only company domain website traffic.
FortiGate is configured with forward-domains to forward only company domain website traffic.
FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.
FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.
Suggested answer: A
asked 18/09/2024
Maheshkumar Karuppaiah
40 questions

Question 23

Report Export Collapse

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.

Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

You must set correct operator in event handler to trigger an event.
You must set correct operator in event handler to trigger an event.
You can automate SOC tasks through playbooks.
You can automate SOC tasks through playbooks.
Each playbook can include multiple triggers.
Each playbook can include multiple triggers.
You cannot use Windows and Linux hosts security events with FortiSoC.
You cannot use Windows and Linux hosts security events with FortiSoC.
Suggested answer: A, B
Explanation:

Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc

asked 18/09/2024
Mellisa Stroman
44 questions

Question 24

Report Export Collapse

You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.

Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

Security
Security
IPS
IPS
List
List
Risk
Risk
Overview
Overview
Suggested answer: C, D, E
asked 18/09/2024
Kurt Van Rymenant
52 questions

Question 25

Report Export Collapse

Refer to the exhibit.

Fortinet NSE7_OTS-7.2 image Question 25 27104 09182024190808000000

Which statement about the interfaces shown in the exhibit is true?

port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.
port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.
The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.
The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.
port1-vlan10 and port2-vlan10 are part of the same broadcast domain
port1-vlan10 and port2-vlan10 are part of the same broadcast domain
port1, port1-vlan10, and port1-vlan1 are in different broadcast domains
port1, port1-vlan10, and port1-vlan1 are in different broadcast domains
Suggested answer: D
asked 18/09/2024
Andrew ROUSE
46 questions

Question 26

Report Export Collapse

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

Known trusted devices, each time they change location
Known trusted devices, each time they change location
All connected devices, each time they connect
All connected devices, each time they connect
Rogue devices, only when they connect for the first time
Rogue devices, only when they connect for the first time
Rogue devices, each time they connect
Rogue devices, each time they connect
Suggested answer: C
asked 18/09/2024
Rok Nemec
36 questions

Question 27

Report Export Collapse

What two advantages does FortiNAC provide in the OT network? (Choose two.)

It can be used for IoT device detection.
It can be used for IoT device detection.
It can be used for industrial intrusion detection and prevention.
It can be used for industrial intrusion detection and prevention.
It can be used for network micro-segmentation.
It can be used for network micro-segmentation.
It can be used for device profiling.
It can be used for device profiling.
Suggested answer: A, D
Explanation:

Typically, in a microsegmented network, NGFWs are used in conjunction with VLANs to implement security policies and to inspect and filter network communications. Fortinet FortiSwitch and FortiGate NGFW offer an integrated approach to microsegmentation.

asked 18/09/2024
Najim Abdelmoula
51 questions

Question 28

Report Export Collapse

What triggers Layer 2 polling of infrastructure devices connected in the network?

A failed Layer 3 poll
A failed Layer 3 poll
A matched security policy
A matched security policy
A matched profiling rule
A matched profiling rule
A linkup or linkdown trap
A linkup or linkdown trap
Suggested answer: D
asked 18/09/2024
Jeffrey Sammaritano
46 questions

Question 29

Report Export Collapse

An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.

What are two possible reasons why the report output was empty? (Choose two.)

The administrator selected the wrong logs to be indexed in FortiAnalyzer.
The administrator selected the wrong logs to be indexed in FortiAnalyzer.
The administrator selected the wrong time period for the report.
The administrator selected the wrong time period for the report.
The administrator selected the wrong devices in the Devices section.
The administrator selected the wrong devices in the Devices section.
The administrator selected the wrong hcache table for the report.
The administrator selected the wrong hcache table for the report.
Suggested answer: B, C
Explanation:

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/32cb817d-a307-11eb-b70b-00505692583a/FortiAnalyzer-7.0.0-Administration_Guide.pdf

asked 18/09/2024
Marie Joyce Candice Dancel
44 questions

Question 30

Report Export Collapse

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

A supervisor must purchase an industrial signature database and import it to the FortiGate.
A supervisor must purchase an industrial signature database and import it to the FortiGate.
An administrator must create their own database using custom signatures.
An administrator must create their own database using custom signatures.
By default, the industrial database is enabled.
By default, the industrial database is enabled.
A supervisor can enable it through the FortiGate CLI.
A supervisor can enable it through the FortiGate CLI.
Suggested answer: D
asked 18/09/2024
Allen J Tyson
36 questions
Total 62 questions
Go to page: of 7
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site. Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources. As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?
As an OT administrator, it is important to understand how industrial protocols work in an OT network. Which communication method is used by the Modbus protocol?
Refer to the exhibit. You are assigned to implement a remote authentication server in the OT network. Which part of the hierarchy should the authentication server be part of?
An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network. What statement about the traffic between PLC1 and PLC2 is true?
To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?
With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?
As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs. Which security sensor must implement to detect these types of industrial exploits?
An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM. Which step must the administrator take to achieve this task?
Which three common breach points can be found in a typical OT environment? (Choose three.)
Refer to the exhibit. Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)