Pass the Fortinet NSE 7 Network Security Architect NSE7_OTS-7.2 Questions and answers with CertsForce

Questions # 1:

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Options:

A. Planning a threat hunting strategy
B. Implementing strategies to automatically bring PLCs offline
C. Creating disaster recovery plans to switch operations to a backup plant
D. Evaluating what can go wrong before it happens


Questions # 2:

Refer to the exhibit.

An operational technology rule is created and successfully activated to monitor the Modbus protocol on FortiSIEM. However, the rule does not trigger incidents despite Modbus traffic and application logs being received correctly by FortiSIEM.

Which statement correctly describes the issue on the rule configuration?

Options:

A. The first condition on the SubPattern filter must use the OR logical operator.
B. The attributes in the Group By section must match the ones in the Filters section.
C. The Aggregate attribute COUNT expression is incompatible with the filters.
D. The SubPattern is missing the filter to match the Modbus protocol.


Questions # 3:

Refer to the exhibit.

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the Layer 2 level.

What must the OT admin do to prevent Layer 2-level communication between PLC-3 and CLIENT?

Options:

A. Set a unique forward domain for each interface of the software switch.
B. Create a VLAN for each device and replace the current FGT-2 software switch members.
C. Enable explicit intra-switch policy to require firewall policies on FGT-2.
D. Implement policy routes on FGT-2 to control traffic between devices.


Questions # 4:

As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs.

Which security sensor must you implement to detect these types of industrial exploits?

Options:

A. Intrusion prevention system (IPS)
B. Deep packet inspection (DPI)
C. Antivirus inspection
D. Application control


Questions # 5:

What two advantages does FortiNAC provide in the OT network? (Choose two.)

Options:

A. It can be used for IoT device detection.
B. It can be used for industrial intrusion detection and prevention.
C. It can be used for network micro-segmentation.
D. It can be used for device profiling.


Questions # 6:

What can be assigned using network access control policies?

Options:

A. Layer 3 polling intervals
B. FortiNAC device polling methods
C. Logical networks
D. Profiling rules


Questions # 7:

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.

Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

Options:

A. You must set the correct operator in the event handler to trigger an event.
B. You can automate SOC tasks through playbooks.
C. Each playbook can include multiple triggers.
D. You cannot use Windows and Linux hosts security events with FortiSoC.


Questions # 8:

FortiAnalyzer is implemented in the OT network to receive logs from responsible FortiGate devices. The logs must be processed by FortiAnalyzer.

In this scenario, which statement is correct about the purpose of FortiAnalyzer receiving and processing multiple log messages from a given PLC or RTU?

Options:

A. To isolate PLCs or RTUs in the event of external attacks
B. To configure event handlers and take further action on FortiGate
C. To determine which type of messages from the PLC or RTU causes issues in the plant
D. To help OT administrators configure the network and prevent breaches


Questions # 9:

Which type of attack posed by skilled and malicious users of security level 4 (SL 4) of IEC 62443 is designed to defend against intentional attacks?

Options:

A. Users with access to moderate resources
B. Users with low access to resources
C. Users with unintentional operator error
D. Users with substantial resources


Questions # 10:

An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.

What should the OT supervisor do to achieve this on FortiGate?

Options:

A. Configure a firewall policy with LDAP users and place it at the top of the list of firewall policies.
B. Enable two-factor authentication with FSSO.
C. Configure a firewall policy with FSSO users and place it at the top of the list of firewall policies.
D. Under config user settings configure set auth-on-demand implicit.

