NSE7_OTS-6.4 Online Practice Questions and Answers

Refer to the exhibit and analyze the output.

Which statement about the output is true?

A. This is a sample of a FortiAnalyzer system interface event log.

B. This is a sample of an SNMP temperature control event log.

C. This is a sample of a PAM event type.

D. This is a sample of FortiGate interface statistics.

An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then

users should be challenged with active authentication. What should the OT supervisor do to achieve this on FortiGate?

A. Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.

B. Enable two-factor authentication with FSSO.

C. Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.

D. Under config user settings configure set auth-on-demand implicit.

An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.

On which device can this be accomplished?

A. FortiGate

B. FortiEDR

C. FortiSwitch

D. FortiNAC

An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.

Which step must the administrator take to achieve this task?

A. Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.

B. Create a notification policy and define a script/remediation on FortiSIEM.

C. Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.

D. Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.

When you create a user or host profile, which three criteria can you use? (Choose three.)

A. Host or user group memberships

B. Administrative group membership

C. An existing access control policy

D. Location

E. Host or user attributes

Refer to the exhibit, which shows a non-protected OT environment.

An administrator needs to implement proper protection on the OT network.

Which three steps should an administrator take to protect the OT network? (Choose three.)

A. Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.

B. Deploy a FortiGate device within each ICS network.

C. Configure firewall policies with web filter to protect the different ICS networks.

D. Configure firewall policies with industrial protocol sensors

E. Use segmentation

Refer to the exhibit.

Which statement about the interfaces shown in the exhibit is true?

A. port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.

B. The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.

C. port1-vlan10 and port2-vlan10 are part of the same broadcast domain

D. port1, port1-vlan10, and port1-vlan1 are in different broadcast domains

What two advantages does FortiNAC provide in the OT network? (Choose two.)

A. It can be used for IoT device detection.

B. It can be used for industrial intrusion detection and prevention.

C. It can be used for network micro-segmentation.

D. It can be used for device profiling.

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

A. A supervisor must purchase an industrial signature database and import it to the FortiGate.

B. An administrator must create their own database using custom signatures.

C. By default, the industrial database is enabled.

D. A supervisor can enable it through the FortiGate CLI.

Refer to the exhibit.

An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.

Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

A. The FortiGate-Edge device must be in NAT mode.

B. NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.

C. The FortiGate devices is in offline IDS mode.

D. Port5 is not a member of the software switch.