NSE7_OTS-7.2 Exam Questions

Refer to the exhibit. You are assigned to implement a remote authentication server in the OT network. Which part of the hierarchy should the authentication server be part of?

A FortiGate device is newly deployed as the edge gateway of an OT network security fabric. The downstream FortiGate devices are also newly deployed as Security Fabric leafs to prot...

FortiAnalyzer is implemented in the OT network to receive logs from responsible FortiGate devices. The logs must be processed by FortiAnalyzer. In this scenario, which statement is...

Refer to the exhibit. The IPS profile is added on all of the security policies on FortiGate. For an OT network, which statement of the IPS profile is true?

With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement...

Refer to the exhibit. PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT cannot sen...

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

Refer to the exhibit. In order for a FortiGate device to act as router on a stick, what configuration must an OT network architect implement on FortiGate to achieve inter-VLAN rout...

The OT network analyst run different level of reports to quickly explore failures that could put the network at risk. Such reports can be about device performance. Which FortiSIEM...

Which statemenl about the IEC 104 protocol is true?

Refer to the exhibit. Which statement is true about application control inspection?

Refer to the exhibits. Which statement about some of the generated report elements from FortiAnalyzer is true?

Which three device profiling methods of FortiNAC are considered non-direct? (Choose three.)

A supervisor is configuring a software switch on a FortiGate device. What must the supervisor configure on FortiGate to control the traffic between member interfaces on the softwar...

What is the main difference between real-time logs and historical logs on FortiAnalyzer?

An administrator needs to group FortiGate wireless interfaces in NAT mode with multiple physical interfaces. What interface type must the administrator select to group multiple For...

Which deployment option allows an administrator to detect intrusions without any modifications to production traffic?

Which three protocols are used as industrial Ethernet protocols? (Choose three.)

In the context of FortiNAC, what is a key feature of a logical network?

Which two statements about FortiSIEM are true? (Choose two.)

An OT customer is using multiple FortiGate devices in their network to implement two-factor authentication with hardware FortiTokens. A supervisor is carrying multiple FortiTokens...

Refer to the exhibit.A new operational technology rule is being created to monitor Modbus protocol traffic on FortiSIEM. Which action will ensure all Modbus messages on the network...

Which type of attack posed by skilled and malicious users of security level 3 (SL 3) of IEC 62443 is designed to defend against intentional attacks?

As an ОТ network administrator, you are required to generate reports that primarily use the same type of data sent to FortiSIEM. These reports are based on the preloaded analytic s...

Operational technology (ОТ) network analysts run different levels of reports to identify failures that could put the network at risk. Some of these reports may be related to device...

In an operation technology (ОТ) network. FortiAnalyzer is used to receive and process logs from responsible FortiGate devices. Which statement about why FortiAnalyzer is receiving...

What is the primary objective of implementing SD-WAN in operational technology (ОТ) networks?

Refer to the exhibit, which shows a nonprotected ОТ environment. An administrator needs to implement appropriate protection on the ОТ network. Which three steps should an administr...

Refer to the exhibit. An operational technology (ОТ) architect has implemented Modbus TCP with a simulation Conpot server to identify and control Modbus traffic in their ОТ network...

Which statement about how FortiNAC processes matched rogue devices is true?

Refer to the exhibit. You are creating a new operational technology (OT) rule to monitor Modbus protocol traffic on FortiSIEM. Which action must you take to ensure that all Modbus...

An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for an...

An organization has deployed an entry-level FortiGate device in their operational technology (OT) network. The administrator is looking for a simple solution to detect and block al...

Refer to the exhibit. You need to configure VPN user access for supervisors at the branch and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway. What m...

Refer to the exhibit. The network topology in the exhibit shows FortiGate devices as well as FortiAnalyzer and FortiSIEM for the OT network. Which two steps must you take to config...

An OT architect has deployed a Layer 2 switch in the OT network at Level 1 in the Purdue model- process control. The purpose of the Layer 2 switch is to segment traffic between PLC...

Refer to the exhibit. An OT network architect must implement inter-VLAN routing in the topology. Traffic from each client is tagged with a unique VLAN. Each client is directly conn...

Which two of the following features do most industrial protocols lack? (Choose two.)

Which statement about how FortiNAC re-evaluates previously profiled devices is true?