Valid NSE7_OTS-7.2 Exam Q&A PDF NSE7_OTS-7.2 Dump is Ready (Updated 74 Questions) [Q23-Q43]

Exam Questions and Answers for NSE7_OTS-7.2 Study Guide

NEW QUESTION # 23
As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs.
Which security sensor must you implement to detect these types of industrial exploits?

  • A. Deep packet inspection (DPI)
  • B. Intrusion prevention system (IPS)
  • C. Antivirus inspection
  • D. Application control

Answer: D


NEW QUESTION # 24
Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

  • A. Network attacks can be detected and blocked.
  • B. FortiGate receives traffic from configured port mirroring.
  • C. FortiGate acts as network sensor.
  • D. Network traffic goes through FortiGate.

Answer: C,D


NEW QUESTION # 25
An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site.
Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources. As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?

  • A. Implement an additional firewall using an additional upstream link to the internet.
  • B. Split the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.
  • C. Create VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.
  • D. Configure outbound security policies with limited active authentication users of the third-party company.

Answer: B


NEW QUESTION # 26
An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.
Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

  • A. You cannot use Windows and Linux hosts security events with FortiSoC.
  • B. You must set the correct operator in the event handler to trigger an event.
  • C. You can automate SOC tasks through playbooks.
  • D. Each playbook can include multiple triggers.

Answer: B,C

Explanation:
Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc


NEW QUESTION # 27
An OT supervisor has configured LDAP and FSSO for authentication. The goal is for all users to be authenticated with passive authentication first and, if passive authentication is not successful, to be challenged with active authentication.
What should the OT supervisor do to achieve this on FortiGate?

  • A. Enable two-factor authentication with FSSO.
  • B. Configure a firewall policy with LDAP users and place it at the top of the list of firewall policies.
  • C. Under config user settings configure set auth-on-demand implicit.
  • D. Configure a firewall policy with FSSO users and place it at the top of the list of firewall policies.

Answer: D

Explanation:
The OT supervisor should configure a firewall policy with FSSO users and place it at the top of the list of firewall policies. Users are then authenticated with passive authentication first and, if passive authentication is not successful, challenged with active authentication.


NEW QUESTION # 28
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic?
(Choose three.)

  • A. Lowest to highest policy ID number
  • B. Source defined as internet services in the firewall policy
  • C. Destination defined as internet services in the firewall policy
  • D. Highest to lowest priority defined in the firewall policy
  • E. Services defined in the firewall policy.

Answer: C,D,E

Explanation:
The three criteria that a FortiGate device can use to look for a matching firewall policy to process traffic are:
E: Services defined in the firewall policy - FortiGate devices can match firewall policies based on the services defined in the policy, such as HTTP, FTP, or DNS.
C: Destination defined as internet services in the firewall policy - FortiGate devices can also match firewall policies based on the destination of the traffic, including destination IP address, interface, or internet services.
D: Highest to lowest priority defined in the firewall policy - FortiGate devices can prioritize firewall policies based on the priority defined in the policy. The device will process traffic against the policy with the highest priority first and move down the list until it finds a matching policy.


NEW QUESTION # 29
Refer to the exhibit. You are assigned to implement a remote authentication server in the OT network. Which part of the hierarchy should the authentication server be part of?

  • A. Access
  • B. Edge
  • C. Cloud
  • D. Core

Answer: B


NEW QUESTION # 30
The OT network analyst runs different levels of reports to quickly explore failures that could put the network at risk. Such reports can be about device performance. Which FortiSIEM reporting method helps to identify device failures?

  • A. Business service reports
  • B. CMDB operational reports
  • C. Active dependent rules reports
  • D. Device inventory reports

Answer: B


NEW QUESTION # 31
Refer to the exhibits.

Which statement is true about the traffic passing through to PLC-2?

  • A. SSL Inspection must be set to deep-inspection to correctly apply application control.
  • B. IEC 104 signatures are all allowed except the C.BO.NA 1 signature.
  • C. IPS must be enabled to inspect application signatures.
  • D. The application filter overrides the default action of some IEC 104 signatures.

Answer: D


NEW QUESTION # 32
You are investigating a series of incidents that occurred in the OT network over the past 24 hours in FortiSIEM. Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

  • A. Overview
  • B. IPS
  • C. Security
  • D. Risk
  • E. List

Answer: A,D,E


NEW QUESTION # 33
An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted for credentials during authentication.
What is a possible reason?

  • A. Two-factor authentication is not configured with RADIUS authentication method
  • B. The user was determined by Security Fabric
  • C. FortiGate determined the user by passive authentication
  • D. FortiNAC determined the user by DHCP fingerprint method

Answer: C


NEW QUESTION # 34
Refer to the exhibit, which shows a non-protected OT environment.

An administrator needs to implement proper protection on the OT network. Which three steps should an administrator take to protect the OT network? (Choose three.)

  • A. Use segmentation
  • B. Configure firewall policies with web filter to protect the different ICS networks.
  • C. Configure firewall policies with industrial protocol sensors
  • D. Deploy a FortiGate device within each ICS network.
  • E. Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.

Answer: B,C,E


NEW QUESTION # 35
Refer to the exhibit

In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.
Which statement about the topology is true?

  • A. An administrator can create firewall policies in the switch to secure between PLCs.
  • B. There is no micro-segmentation in this topology.
  • C. PLCs use the IEEE 802.1Q protocol to communicate with each other.
  • D. This integration solution expands VLAN capabilities from Layer 2 to Layer 3.

Answer: B


NEW QUESTION # 36
Which three methods of communication are used by FortiNAC to gather visibility information?
(Choose three.)

  • A. API
  • B. RADIUS
  • C. SNMP
  • D. ICMP
  • E. TACACS

Answer: A,B,C


NEW QUESTION # 37
An OT architect has deployed a Layer 2 switch in the OT network at Level 1 of the Purdue model (process control). The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs.
All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network.
What statement about the traffic between PLC1 and PLC2 is true?

  • A. The Layer 2 switch rewrites VLAN tags before sending traffic to the FortiGate device.
  • B. The Layer 2 switch routes any traffic to the FortiGate device through an Ethernet link.
  • C. PLC1 and PLC2 traffic must flow through the Layer-2 switch trunk link to the FortiGate device.
  • D. In order to communicate, PLC1 must be in the same VLAN as PLC2.

Answer: C

Explanation:
The statement that is true about the traffic between PLC1 and PLC2 is that PLC1 and PLC2 traffic must flow through the Layer-2 switch trunk link to the FortiGate device.


NEW QUESTION # 38
Refer to the exhibit. You need to configure VPN user access for supervisors at the branch and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.
What must you do to achieve this objective?

  • A. You must use a third-party RADIUS OTP server.
  • B. You must use a FortiAuthenticator.
  • C. You must register the same FortiToken on more than one FortiGate.
  • D. You must use the user self-registration server.

Answer: B


NEW QUESTION # 39
What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

  • A. Implementing strategies to automatically bring PLCs offline
  • B. Creating disaster recovery plans to switch operations to a backup plant
  • C. Planning a threat hunting strategy
  • D. Evaluating what can go wrong before it happens

Answer: A,B


NEW QUESTION # 40
An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.
Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

  • A. You cannot use Windows and Linux hosts security events with FortiSoC.
  • B. You must set the correct operator in the event handler to trigger an event.
  • C. You can automate SOC tasks through playbooks.
  • D. Each playbook can include multiple triggers.

Answer: B,C

Explanation:
Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc


NEW QUESTION # 41
Refer to the exhibit.

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the Layer 2 level.
What must the OT admin do to prevent Layer 2-level communication between PLC-3 and CLIENT?

  • A. Set a unique forward domain for each interface of the software switch.
  • B. Create a VLAN for each device and replace the current FGT-2 software switch members.
  • C. Implement policy routes on FGT-2 to control traffic between devices.
  • D. Enable explicit intra-switch policy to require firewall policies on FGT-2.

Answer: A,B


NEW QUESTION # 42
To increase security protection in an OT network, how does application control on FortiGate detect industrial traffic?

  • A. By inspecting software and software-based vulnerabilities
  • B. By inspecting applications with more granularity by inspecting subapplication traffic
  • C. By inspecting applications only on nonprotected traffic
  • D. By inspecting protocols used in the application traffic

Answer: C


NEW QUESTION # 43
......
