Fortinet NSE7_OTS-7.2 Exam Practice Test Instant Access

Question 1

[Fortinet Products for OT Security]

With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?

AEach traffic VDOM must have a direct connection to FortiGuard services to receive the required security updates.

BThe management VDOM must have access to all global security services.

CEach VDOM must have an independent security license.

DTraffic between VDOMs must pass through the physical interfaces of FortiGate to check for security incidents.

Answer : D

Question 2

[Fortinet Products for OT Security]

Operational technology (OT) network analysts run different levels of reports to identify failures that could put the network at risk Some of these reports may be related to device performance

Which FortiSIEM reporting method helps identify device failures?

ADevice inventory reports

BPayment card industry (PCI) logging reports

CConfiguration management database (CMDB) operational reports

DBusiness service reports

Answer : C

Question 3

[Industrial Protocols and Risk Assessment]

Which type of attack posed by skilled and malicious users of security level 4 (SL 4) of IEC 62443 is designed to defend against intentional attacks?

AUsers with access to moderate resources

BUsers with low access to resources

CUsers with unintentional operator error

DUsers with substantial resources

Answer : D

Question 4

[Industrial Protocols and Risk Assessment]

Refer to the exhibit.

An OT network security audit concluded that the application sensor requires changes to ensure the correct security action is committed against the overrides filters.

Which change must the OT network administrator make?

ASet all application categories to apply default actions.

BChange the security action of the industrial category to monitor.

CSet the priority of the C.BO.NA.1 signature override to 1.

DRemove IEC.60870.5.104 Information.Transfer from the first filter override.

Answer : D

Question 5

[Fortinet Products for OT Security]

An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.

What are two possible reasons why the report output was empty? (Choose two.)

AThe administrator selected the wrong logs to be indexed in FortiAnalyzer.

BThe administrator selected the wrong time period for the report.

CThe administrator selected the wrong devices in the Devices section.

DThe administrator selected the wrong hcache table for the report.

Answer : B, C

Question 6

[Monitoring, Logging, and Incident Response]

An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluctuations.

How can the OT network architect achieve this goal?

AConfigure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature security rule on the corporate network.

BConfigure a fuel server on the corporate network, and deploy a FortiSIEM with a single pattern temperature performance rule on the remote network.

CConfigure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature performance rule on the corporate network.

DConfigure both fuel server and FortiSIEM with a single-pattern temperature performance rule on the corporate network.

Answer : C

Question 7

[Fortinet Products for OT Security]

In a wireless network integration, how does FortiNAC obtain connecting MAC address information?

ARADIUS

BLink traps

CEnd station traffic monitoring

DMAC notification traps

Answer : A

Fortinet NSE7_OTS-7.2 Fortinet NSE 7 - OT Security 7.2 Exam Practice Test