Home / Fortinet / NSE7_OTS-7.2 / List of questions

Ask Question

Fortinet NSE7_OTS-7.2 Practice Test - Questions Answers, Page 4

Add to Whishlist

List of questions

Question 31

Refer to the exhibit.

Fortinet NSE7_OTS-7.2 image Question 31 27110 09182024190808000000

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

FortiGate for SD-WAN

FortiGate for application control and IPS

FortiNAC for network access control

FortiSIEM for security incident and event management

FortiEDR for endpoint detection

Show Answer Comment (0)

Question 32

What can be assigned using network access control policies?

Layer 3 polling intervals

FortiNAC device polling methods

Logical networks

Profiling rules

Show Answer Comment (0)

Question 33

As an OT administrator, it is important to understand how industrial protocols work in an OT network.

Which communication method is used by the Modbus protocol?

It uses OSI Layer 2 and the primary device sends data based on request from secondary device.

It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.

It uses OSI Layer 2 and the secondary device sends data based on request from primary device.

Show Answer Comment (0)

Question 34

Refer to the exhibit.

Fortinet NSE7_OTS-7.2 image Question 34 27113 09182024190808000000

An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.

Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

The FortiGate-Edge device must be in NAT mode.

NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.

The FortiGate devices is in offline IDS mode.

Port5 is not a member of the software switch.

Show Answer Comment (0)

Question 35

An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluctuations.

How can the OT network architect achieve this goal?

Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature security rule on the corporate network.

Configure a fuel server on the corporate network, and deploy a FortiSIEM with a single pattern temperature performance rule on the remote network.

Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature performance rule on the corporate network.

Configure both fuel server and FortiSIEM with a single-pattern temperature performance rule on the corporate network.

Show Answer Comment (0)

Question 36

Refer to the exhibit.

Fortinet NSE7_OTS-7.2 image Question 36 27115 09182024190808000000

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the Layer 2 level.

What must the OT admin do to prevent Layer 2-level communication between PLC-3 and CLIENT?

Set a unique forward domain for each interface of the software switch.

Create a VLAN for each device and replace the current FGT-2 software switch members.

Enable explicit intra-switch policy to require firewall policies on FGT-2.

Implement policy routes on FGT-2 to control traffic between devices.

Show Answer Comment (0)

Question 37

As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs.

Which security sensor must implement to detect these types of industrial exploits?

Become a Premium Member for full access

Unlock Premium Member

Question 38

Refer to the exhibit.

Fortinet NSE7_OTS-7.2 image Question 38 27117 09182024190808000000

An OT network security audit concluded that the application sensor requires changes to ensure the correct security action is committed against the overrides filters.

Which change must the OT network administrator make?

Become a Premium Member for full access

Unlock Premium Member

Question 39

Refer to the exhibits.

Fortinet NSE7_OTS-7.2 image Question 39 27118 09182024190808000000

Which statement is true about the traffic passing through to PLC-2?

Become a Premium Member for full access

Unlock Premium Member

Question 40

Refer to the exhibit.

Fortinet NSE7_OTS-7.2 image Question 40 27119 09182024190808000000

An operational technology rule is created and successfully activated to monitor the Modbus protocol on FortiSIEM. However, the rule does not trigger incidents despite Modbus traffic and application logs being received correctly by FortiSIEM.

Which statement correctly describes the issue on the rule configuration?

Become a Premium Member for full access

Unlock Premium Member

Total 62 questions

2 3 4 5 6

Go to page: of 7

Question

Case Study

Question 31 (0)

Refer to the exhibit. Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

Question 32 (0)

What can be assigned using network access control policies?

Question 33 (0)

As an OT administrator, it is important to understand how industrial protocols work in an OT network. Which communication method is used by the Modbus protocol?

Question 34 (0)

Refer to the exhibit. An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is config

Question 35 (0)

An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluc

Question 36 (0)

Refer to the exhibit. PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each

Question 37 (0)

As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additio

Question 38 (0)

Refer to the exhibit. An OT network security audit concluded that the application sensor requires changes to ensure the correct security action is committed against the overrides filters. Which

Question 39 (0)

Refer to the exhibits. Which statement is true about the traffic passing through to PLC-2?

Question 40 (0)

Refer to the exhibit. An operational technology rule is created and successfully activated to monitor the Modbus protocol on FortiSIEM. However, the rule does not trigger incidents despite Modbus

Export

with questions and answers will be exported as:

VPLUS file

PDF file (Demo 30 questions)

Highest scored 'comment-votes'

Your question list is being generated. We'll email you once it’s ready.

If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].