Weekend Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

Fortinet NSE7_OTS-7.2 - Fortinet NSE 7 - OT Security 7.2

Fortinet NSE7_OTS-7.2 Premium Access     Download Demo    
Page: 2 / 2
Total 69 questions

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

A.

Known trusted devices, each time they change location

B.

All connected devices, each time they connect

C.

Rogue devices, only when they connect for the first time

D.

Rogue devices, each time they connect

In a wireless network integration, how does FortiNAC obtain connecting MAC address information?

A.

RADIUS

B.

Link traps

C.

End station traffic monitoring

D.

MAC notification traps

Which type of attack posed by skilled and malicious users of security level 4 (SL 4) of IEC 62443 is designed to defend against intentional attacks?

A.

Users with access to moderate resources

B.

Users with low access to resources

C.

Users with unintentional operator error

D.

Users with substantial resources

What is the primary objective of implementing SD-WAN in operational technology (OT) networks'?

A.

Reduce security risk and threat attacks

B.

Remove centralized network security policies

C.

Enhance network performance of OT applications

D.

Replace standard links with lower cost connections

As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs.

Which security sensor must implement to detect these types of industrial exploits?

A.

Intrusion prevention system (IPS)

B.

Deep packet inspection (DPI)

C.

Antivirus inspection

D.

Application control

Which three common breach points can you find in a typical OT environment? (Choose three.)

A.

Black hat

B.

VLAN exploits

C.

Global hat

D.

RTU exploits

E.

Hard hat

Refer to the exhibit.

Given the configurations on the FortiGate, which statement is true?

A.

FortiGate is configured with forward-domains to reduce unnecessary traffic.

B.

FortiGate is configured with forward-domains to forward only domain controller traffic.

C.

FortiGate is configured with forward-domains to forward only company domain website traffic.

D.

FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.

Refer to the exhibit, which shows a non-protected OT environment.

An administrator needs to implement proper protection on the OT network.

Which three steps should an administrator take to protect the OT network? (Choose three.)

A.

Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.

B.

Deploy a FortiGate device within each ICS network.

C.

Configure firewall policies with web filter to protect the different ICS networks.

D.

Configure firewall policies with industrial protocol sensors

E.

Use segmentation

Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)

A.

Services defined in the firewall policy.

B.

Source defined as internet services in the firewall policy

C.

Lowest to highest policy ID number

D.

Destination defined as internet services in the firewall policy

E.

Highest to lowest priority defined in the firewall policy

Which three common breach points can be found in a typical OT environment? (Choose three.)

A.

Global hat

B.

Hard hat

C.

VLAN exploits

D.

Black hat

E.

RTU exploits