Fortinet NSE7_OTS-7.2 Exam Practice Test Instant Access

Question 1

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

AFortiSIEM

BFortiManager

CFortiAnalyzer

DFortiGate

EFortiNAC

Answer : A, D, E

Question 2

How can you achieve remote access and internet availability in an OT network?

ACreate a back-end backup network as a redundancy measure.

BImplement SD-WAN to manage traffic on each ISP link.

CAdd additional internal firewalls to access OT devices.

DCreate more access policies to prevent unauthorized access.

Answer : B

Question 3

Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

AFortiGate receives traffic from configured port mirroring.

BNetwork traffic goes through FortiGate.

CFortiGate acts as network sensor.

DNetwork attacks can be detected and blocked.

Answer : B, C

Question 4

Which two statements about the Modbus protocol are true? (Choose two.)

AModbus uses UDP frames to transport MBAP and function codes.

BMost of the PLC brands come with a built-in Modbus module.

CYou can implement Modbus networking settings on internetworking devices.

DModbus is used to establish communication between intelligent devices.

Answer : B, C

Question 5

Which two frameworks are common to secure ICS industrial processes, including SCADA and DCS? (Choose two.)

AModbus

BNIST Cybersecurity

CIEC 62443

DIEC104

Answer : C, D

Question 6

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site.

Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources.

As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?

AConfigure outbound security policies with limited active authentication users of the third-party company.

BCreate VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.

CSplit the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.

DImplement an additional firewall using an additional upstream link to the internet.

Answer : C

Question 7

Refer to the exhibit.

An operational technology rule is created and successfully activated to monitor the Modbus protocol on FortiSIEM. However, the rule does not trigger incidents despite Modbus traffic and application logs being received correctly by FortiSIEM.

Which statement correctly describes the issue on the rule configuration?

AThe first condition on the SubPattern filter must use the OR logical operator.

BThe attributes in the Group By section must match the ones in Fitters section.

CThe Aggregate attribute COUNT expression is incompatible with the filters.

DThe SubPattern is missing the filter to match the Modbus protocol.

Answer : B

Fortinet NSE7_OTS-7.2 Fortinet NSE 7 - OT Security 7.2 Exam Practice Test