Black Friday Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

 
Home > Fortinet > Fortinet Certification > NSE7_OTS-7.2

NSE7_OTS-7.2 Fortinet NSE 7 - OT Security 7.2 Question and Answers

Question # 4

The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

A.

CMDB reports

B.

Threat hunting reports

C.

Compliance reports

D.

OT/loT reports

Full Access
Question # 5

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

A.

Known trusted devices, each time they change location

B.

All connected devices, each time they connect

C.

Rogue devices, only when they connect for the first time

D.

Rogue devices, each time they connect

Full Access
Question # 6

Refer to the exhibits.

Which statement about some of the generated report elements from FortiAnalyzer is true?

A.

The report confirms Modbus and IEC 104 are the key applications crossing the network.

B.

FortiGate collects the logs and generates the report to FortiAnalyzer.

C.

The file types confirm the infected applications on the PLCs.

D.

This report is predefined and is not available for customization.

Full Access
Question # 7

Refer to the exhibit.

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

A.

FortiGate for SD-WAN

B.

FortiGate for application control and IPS

C.

FortiNAC for network access control

D.

FortiSIEM for security incident and event management

E.

FortiEDR for endpoint detection

Full Access
Question # 8

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

A.

FortiSIEM

B.

FortiManager

C.

FortiAnalyzer

D.

FortiGate

E.

FortiNAC

Full Access
Question # 9

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.

What is a possible reason?

A.

FortiGate determined the user by passive authentication

B.

The user was determined by Security Fabric

C.

Two-factor authentication is not configured with RADIUS authentication method

D.

FortiNAC determined the user by DHCP fingerprint method

Full Access
Question # 10

The OT network analyst run different level of reports to quickly explore failures that could put the network at risk. Such reports can be about device performance. Which FortiSIEM reporting method helps to identify device failures?

A.

Business service reports

B.

Device inventory reports

C.

CMDB operational reports

D.

Active dependent rules reports

Full Access
Question # 11

An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.

Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

A.

FortiSIEM and FortiManager

B.

FortiSandbox and FortiSIEM

C.

FortiSOAR and FortiSIEM

D.

A syslog server and FortiSIEM

Full Access
Question # 12

To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?

A.

By inspecting software and software-based vulnerabilities

B.

By inspecting applications only on nonprotected traffic

C.

By inspecting applications with more granularity by inspecting subapplication traffic

D.

By inspecting protocols used in the application traffic

Full Access
Question # 13

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

A.

Planning a threat hunting strategy

B.

Implementing strategies to automatically bring PLCs offline

C.

Creating disaster recovery plans to switch operations to a backup plant

D.

Evaluating what can go wrong before it happens

Full Access
Question # 14

Refer to the exhibit and analyze the output.

Which statement about the output is true?

A.

This is a sample of a FortiAnalyzer system interface event log.

B.

This is a sample of an SNMP temperature control event log.

C.

This is a sample of a PAM event type.

D.

This is a sample of FortiGate interface statistics.

Full Access
Question # 15

You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.

Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

A.

Security

B.

IPS

C.

List

D.

Risk

E.

Overview

Full Access
Question # 16

Which statemenl about the IEC 104 protocol is true?

A.

IEC 104 is used for telecontrol SCADA in electrical engineering applications.

B.

IEC 104 is IEC 101 compliant in old SCADA systems.

C.

IEC 104 protects data transmission between OT devices and services.

D.

IEC 104 uses non-TCP/IP standards.

Full Access
Question # 17

Refer to the exhibit.

An OT administrator ran a report to identify device inventory in an OT network.

Based on the report results, which report was run?

A.

A FortiSIEM CMDB report

B.

A FortiAnalyzer device report

C.

A FortiSIEM incident report

D.

A FortiSIEM analytics report

Full Access
Question # 18

What can be assigned using network access control policies?

A.

Layer 3 polling intervals

B.

FortiNAC device polling methods

C.

Logical networks

D.

Profiling rules

Full Access
Copyright myexamcollection.com. All Right Reserved.