Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: simple70

Discussions
  1. Home
  2. Fortinet
  3. NSE 7 Network Security Architect
  4. NSE7_OTS-7.2
  5. Fortinet NSE 7 - OT Security 7.2 Questions and Answers

Pass the Fortinet NSE 7 Network Security Architect NSE7_OTS-7.2 Questions and answers with ValidTests

Exam NSE7_OTS-7.2 All Questions
Exam NSE7_OTS-7.2 Premium Access

View all detail and faqs for the NSE7_OTS-7.2 exam

Go to Exam
Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions
Questions # 1:

What triggers Layer 2 polling of infrastructure devices connected in the network?

Options:

A.

A failed Layer 3 poll

B.

A matched security policy

C.

A matched profiling rule

D.

A linkup or linkdown trap

Expert Solution
Questions # 2:

Which statement is correct about processing matched rogue devices by FortiNAC?

Options:

A.

FortiNAC cannot revalidate matched devices.

B.

FortiNAC remembers the match ng rule of the rogue device

C.

FortiNAC disables matching rule of previously-profiled rogue devices.

D.

FortiNAC matches the rogue device with only one device profiling rule.

Expert Solution
Questions # 3:

What can be assigned using network access control policies?

Options:

A.

Layer 3 polling intervals

B.

FortiNAC device polling methods

C.

Logical networks

D.

Profiling rules

Expert Solution
Questions # 4:

Refer to the exhibit.

Question # 4

You are navigating through FortiSIEM in an OT network.

How do you view information presented in the exhibit and what does the FortiGate device security status tell you?

Options:

A.

In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate device.

B.

In the summary dashboard and there are one or more high-severity security incidents for the FortiGate device.

C.

In the widget dashboard and there are one or more high-severity incidents for the FortiGate device.

D.

In the business service dashboard and there are one or more high-severity security incidents for the FortiGate device.

Expert Solution
Questions # 5:

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.

What is a possible reason?

Options:

A.

FortiGate determined the user by passive authentication

B.

The user was determined by Security Fabric

C.

Two-factor authentication is not configured with RADIUS authentication method

D.

FortiNAC determined the user by DHCP fingerprint method

Expert Solution
Questions # 6:

Refer to the exhibit.

Question # 6

Given the configurations on the FortiGate, which statement is true?

Options:

A.

FortiGate is configured with forward-domains to reduce unnecessary traffic.

B.

FortiGate is configured with forward-domains to forward only domain controller traffic.

C.

FortiGate is configured with forward-domains to forward only company domain website traffic.

D.

FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.

Expert Solution
Questions # 7:

As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs.

Which security sensor must implement to detect these types of industrial exploits?

Options:

A.

Intrusion prevention system (IPS)

B.

Deep packet inspection (DPI)

C.

Antivirus inspection

D.

Application control

Expert Solution
Questions # 8:

Which two frameworks are common to secure ICS industrial processes, including SCADA and DCS? (Choose two.)

Options:

A.

Modbus

B.

NIST Cybersecurity

C.

IEC 62443

D.

IEC104

Expert Solution
Questions # 9:

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

Options:

A.

FortiSIEM

B.

FortiManager

C.

FortiAnalyzer

D.

FortiGate

E.

FortiNAC

Expert Solution
Questions # 10:

Refer to the exhibit.

Question # 10

You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.

What must you do to achieve this objective?

Options:

A.

You must use a FortiAuthenticator.

B.

You must register the same FortiToken on more than one FortiGate.

C.

You must use the user self-registration server.

D.

You must use a third-party RADIUS OTP server.

Expert Solution
Viewing page 1 out of 3 pages
Viewing questions 1-10 out of questions