Weekend Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Activedumpsnet Logo
  1. Home
  2. Fortinet
  3. NSE 7 Network Security Architect
  4. NSE7_OTS-7.2
  5. NSE7_OTS-7.2 - Fortinet NSE 7 - OT Security 7.2

Fortinet NSE7_OTS-7.2 Fortinet NSE 7 - OT Security 7.2 Exam Practice Test

Page: 1 / 7
Total 69 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF

Fortinet NSE 7 - OT Security 7.2 Questions and Answers

Question 1

Refer to the exhibit.

Question # 1

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT cannot send traffic to each other.

Which two statements about the traffic between PCL-1 and PLC-2 are true? (Choose two.)

Options:

A.

The switch on FGT-2 must be hardware to implement micro-segmentation.

B.

Micro-segmentation on FGT-2 prevents direct device-to-device communication.

C.

Traffic must be inspected by FGT-EDGE in OT networks.

D.

FGT-2 controls intra-VLAN traffic through firewall policies.

Question 2

Refer to the exhibit.

Given the configurations on the FortiGate, which statement is true?

Options:

A.

FortiGate is configured with forward-domains to reduce unnecessary traffic.

B.

FortiGate is configured with forward-domains to forward only domain controller traffic.

C.

FortiGate is configured with forward-domains to forward only company domain website traffic.

D.

FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.

Question 3

Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

Options:

A.

FortiGate receives traffic from configured port mirroring.

B.

Network traffic goes through FortiGate.

C.

FortiGate acts as network sensor.

D.

Network attacks can be detected and blocked.

Question 4

An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.

Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

Options:

A.

FortiSIEM and FortiManager

B.

FortiSandbox and FortiSIEM

C.

FortiSOAR and FortiSIEM

D.

A syslog server and FortiSIEM

Question 5

An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluctuations.

How can the OT network architect achieve this goal?

Options:

A.

Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature security rule on the corporate network.

B.

Configure a fuel server on the corporate network, and deploy a FortiSIEM with a single pattern temperature performance rule on the remote network.

C.

Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature performance rule on the corporate network.

D.

Configure both fuel server and FortiSIEM with a single-pattern temperature performance rule on the corporate network.

Question 6

The OT network analyst run different level of reports to quickly explore failures that could put the network at risk. Such reports can be about device performance. Which FortiSIEM reporting method helps to identify device failures?

Options:

A.

Business service reports

B.

Device inventory reports

C.

CMDB operational reports

D.

Active dependent rules reports

Question 7

As an OT administrator, it is important to understand how industrial protocols work in an OT network.

Which communication method is used by the Modbus protocol?

Options:

A.

It uses OSI Layer 2 and the primary device sends data based on request from secondary device.

B.

It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

C.

It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.

D.

It uses OSI Layer 2 and the secondary device sends data based on request from primary device.

Question 8

With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?

Options:

A.

Each traffic VDOM must have a direct connection to FortiGuard services to receive the required security updates.

B.

The management VDOM must have access to all global security services.

C.

Each VDOM must have an independent security license.

D.

Traffic between VDOMs must pass through the physical interfaces of FortiGate to check for security incidents.

Question 9

Refer to the exhibit.

An OT network security audit concluded that the application sensor requires changes to ensure the correct security action is committed against the overrides filters.

Which change must the OT network administrator make?

Options:

A.

Set all application categories to apply default actions.

B.

Change the security action of the industrial category to monitor.

C.

Set the priority of the C.BO.NA.1 signature override to 1.

D.

Remove IEC.60870.5.104 Information.Transfer from the first filter override.

Question 10

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

Options:

A.

FortiSIEM

B.

FortiManager

C.

FortiAnalyzer

D.

FortiGate

E.

FortiNAC

Question 11

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site.

Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources.

As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?

Options:

A.

Configure outbound security policies with limited active authentication users of the third-party company.

B.

Create VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.

C.

Split the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.

D.

Implement an additional firewall using an additional upstream link to the internet.

Question 12

Which two frameworks are common to secure ICS industrial processes, including SCADA and DCS? (Choose two.)

Options:

A.

Modbus

B.

NIST Cybersecurity

C.

IEC 62443

D.

IEC104

Question 13

The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

Options:

A.

CMDB reports

B.

Threat hunting reports

C.

Compliance reports

D.

OT/loT reports

Question 14

Refer to the exhibits.

Question # 14

Which statement about some of the generated report elements from FortiAnalyzer is true?

Options:

A.

The report confirms Modbus and IEC 104 are the key applications crossing the network.

B.

FortiGate collects the logs and generates the report to FortiAnalyzer.

C.

The file types confirm the infected applications on the PLCs.

D.

This report is predefined and is not available for customization.

Question 15

Operational technology (OT) network analysts run different levels of reports to identify failures that could put the network at risk Some of these reports may be related to device performance

Which FortiSIEM reporting method helps identify device failures?

Options:

A.

Device inventory reports

B.

Payment card industry (PCI) logging reports

C.

Configuration management database (CMDB) operational reports

D.

Business service reports

Question 16

Refer to the exhibit.

Question # 16

The IPS profile is added on all of the security policies on FortiGate.

For an OT network, which statement of the IPS profile is true?

Options:

A.

FortiGate has no IPS industrial signature database enabled.

B.

The listed IPS signatures are classified as SCADA equipment.

C.

All IPS signatures are overridden and must block traffic match signature patterns.

D.

The IPS profile inspects only traffic originating from SCADA equipment.

Question 17

In a wireless network integration, how does FortiNAC obtain connecting MAC address information?

Options:

A.

RADIUS

B.

Link traps

C.

End station traffic monitoring

D.

MAC notification traps

Question 18

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

Options:

A.

Known trusted devices, each time they change location

B.

All connected devices, each time they connect

C.

Rogue devices, only when they connect for the first time

D.

Rogue devices, each time they connect

Question 19

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Options:

A.

Planning a threat hunting strategy

B.

Implementing strategies to automatically bring PLCs offline

C.

Creating disaster recovery plans to switch operations to a backup plant

D.

Evaluating what can go wrong before it happens

Question 20

Which three common breach points can be found in a typical OT environment? (Choose three.)

Options:

A.

Global hat

B.

Hard hat

C.

VLAN exploits

D.

Black hat

E.

RTU exploits

Load More NSE7_OTS-7.2 Questions 
Page: 1 / 7
Total 69 questions
Get NSE7_OTS-7.2 Full Access Download NSE7_OTS-7.2 PDF