ExamGecko
Search Search Login
Home Home / Fortinet / NSE7_OTS-7.2

Fortinet NSE7_OTS-7.2 Practice Test - Questions Answers, Page 5

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site. Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources. As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?
Refer to the exhibit. You are assigned to implement a remote authentication server in the OT network. Which part of the hierarchy should the authentication server be part of?
To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?
An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network. What statement about the traffic between PLC1 and PLC2 is true?
As an OT administrator, it is important to understand how industrial protocols work in an OT network. Which communication method is used by the Modbus protocol?
An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM. Which step must the administrator take to achieve this task?
With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?
Which three common breach points can be found in a typical OT environment? (Choose three.)
As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs. Which security sensor must implement to detect these types of industrial exploits?
Refer to the exhibit. An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01. Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

Question 41

Report
Export
Collapse

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site.

Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources.

As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?

A.
Configure outbound security policies with limited active authentication users of the third-party company.
A.
Configure outbound security policies with limited active authentication users of the third-party company.
Answers
B.
Create VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.
B.
Create VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.
Answers
C.
Split the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.
C.
Split the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.
Answers
D.
Implement an additional firewall using an additional upstream link to the internet.
D.
Implement an additional firewall using an additional upstream link to the internet.
Answers
Suggested answer: C

Question 42

Report
Export
Collapse

Which two frameworks are common to secure ICS industrial processes, including SCADA and DCS? (Choose two.)

A.
Modbus
A.
Modbus
Answers
B.
NIST Cybersecurity
B.
NIST Cybersecurity
Answers
C.
IEC 62443
C.
IEC 62443
Answers
D.
IEC104
D.
IEC104
Answers
Suggested answer: C, D

Question 43

Report
Export
Collapse

Which two statements about the Modbus protocol are true? (Choose two.)

A.
Modbus uses UDP frames to transport MBAP and function codes.
A.
Modbus uses UDP frames to transport MBAP and function codes.
Answers
B.
Most of the PLC brands come with a built-in Modbus module.
B.
Most of the PLC brands come with a built-in Modbus module.
Answers
C.
You can implement Modbus networking settings on internetworking devices.
C.
You can implement Modbus networking settings on internetworking devices.
Answers
D.
Modbus is used to establish communication between intelligent devices.
D.
Modbus is used to establish communication between intelligent devices.
Answers
Suggested answer: B, C

Question 44

Report
Export
Collapse

Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

A.
FortiGate receives traffic from configured port mirroring.
A.
FortiGate receives traffic from configured port mirroring.
Answers
B.
Network traffic goes through FortiGate.
B.
Network traffic goes through FortiGate.
Answers
C.
FortiGate acts as network sensor.
C.
FortiGate acts as network sensor.
Answers
D.
Network attacks can be detected and blocked.
D.
Network attacks can be detected and blocked.
Answers
Suggested answer: B, C

Question 45

Report
Export
Collapse

How can you achieve remote access and internet availability in an OT network?

A.
Create a back-end backup network as a redundancy measure.
A.
Create a back-end backup network as a redundancy measure.
Answers
B.
Implement SD-WAN to manage traffic on each ISP link.
B.
Implement SD-WAN to manage traffic on each ISP link.
Answers
C.
Add additional internal firewalls to access OT devices.
C.
Add additional internal firewalls to access OT devices.
Answers
D.
Create more access policies to prevent unauthorized access.
D.
Create more access policies to prevent unauthorized access.
Answers
Suggested answer: B

Question 46

Report
Export
Collapse

Which type of attack posed by skilled and malicious users of security level 4 (SL 4) of IEC 62443 is designed to defend against intentional attacks?

A.
Users with access to moderate resources
A.
Users with access to moderate resources
Answers
B.
Users with low access to resources
B.
Users with low access to resources
Answers
C.
Users with unintentional operator error
C.
Users with unintentional operator error
Answers
D.
Users with substantial resources
D.
Users with substantial resources
Answers
Suggested answer: C

Question 47

Report
Export
Collapse

The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

A.
CMDB reports
A.
CMDB reports
Answers
B.
Threat hunting reports
B.
Threat hunting reports
Answers
C.
Compliance reports
C.
Compliance reports
Answers
D.
OT/loT reports
D.
OT/loT reports
Answers
Suggested answer: B

Question 48

Report
Export
Collapse

To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?

A.
By inspecting software and software-based vulnerabilities
A.
By inspecting software and software-based vulnerabilities
Answers
B.
By inspecting applications only on nonprotected traffic
B.
By inspecting applications only on nonprotected traffic
Answers
C.
By inspecting applications with more granularity by inspecting subapplication traffic
C.
By inspecting applications with more granularity by inspecting subapplication traffic
Answers
D.
By inspecting protocols used in the application traffic
D.
By inspecting protocols used in the application traffic
Answers
Suggested answer: B

Question 49

Report
Export
Collapse

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

A.
Planning a threat hunting strategy
A.
Planning a threat hunting strategy
Answers
B.
Implementing strategies to automatically bring PLCs offline
B.
Implementing strategies to automatically bring PLCs offline
Answers
C.
Creating disaster recovery plans to switch operations to a backup plant
C.
Creating disaster recovery plans to switch operations to a backup plant
Answers
D.
Evaluating what can go wrong before it happens
D.
Evaluating what can go wrong before it happens
Answers
Suggested answer: A, C

Question 50

Report
Export
Collapse

Which statement is correct about processing matched rogue devices by FortiNAC?

A.
FortiNAC cannot revalidate matched devices.
A.
FortiNAC cannot revalidate matched devices.
Answers
B.
FortiNAC remembers the match ng rule of the rogue device
B.
FortiNAC remembers the match ng rule of the rogue device
Answers
C.
FortiNAC disables matching rule of previously-profiled rogue devices.
C.
FortiNAC disables matching rule of previously-profiled rogue devices.
Answers
D.
FortiNAC matches the rogue device with only one device profiling rule.
D.
FortiNAC matches the rogue device with only one device profiling rule.
Answers
Suggested answer: D
Total 62 questions
Go to page: of 7
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms