NSE7_OTS-6.4 Online Practice Questions and Answers

Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)

A. FortiNAC

B. FortiManager

C. FortiAnalyzer

D. FortiSIEM

E. FortiGate

Refer to the exhibit.

You are navigating through FortiSIEM in an OT network.

How do you view information presented in the exhibit and what does the FortiGate device security status tell you?

A. In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate device.

B. In the summary dashboard and there are one or more high-severity security incidents for the FortiGate device.

C. In the widget dashboard and there are one or more high-severity incidents for the FortiGate device.

D. In the business service dashboard and there are one or more high-severity security incidents for the FortiGate device.

An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.

Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

A. FortiSIEM and FortiManager

B. FortiSandbox and FortiSIEM

C. FortiSOAR and FortiSIEM

D. A syslog server and FortiSIEM

Refer to the exhibit.

You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.

What must you do to achieve this objective?

A. You must use a FortiAuthenticator.

B. You must register the same FortiToken on more than one FortiGate.

C. You must use the user self-registration server.

D. You must use a third-party RADIUS OTP server.

An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then

users should be challenged with active authentication. What should the OT supervisor do to achieve this on FortiGate?

A. Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.

B. Enable two-factor authentication with FSSO.

C. Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.

D. Under config user settings configure set auth-on-demand implicit.

When you create a user or host profile, which three criteria can you use? (Choose three.)

A. Host or user group memberships

B. Administrative group membership

C. An existing access control policy

D. Location

E. Host or user attributes

You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.

Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

A. Security

B. IPS

C. List

D. Risk

E. Overview

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

A. Known trusted devices, each time they change location

B. All connected devices, each time they connect

C. Rogue devices, only when they connect for the first time

D. Rogue devices, each time they connect

Refer to the exhibit.

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

A. FortiGate for SD-WAN

B. FortiGate for application control and IPS

C. FortiNAC for network access control

D. FortiSIEM for security incident and event management

E. FortiEDR for endpoint detection

An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluctuations.

How can the OT network architect achieve this goal?

A. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature security rule on the corporate network.

B. Configure a fuel server on the corporate network, and deploy a FortiSIEM with a single pattern temperature performance rule on the remote network.

C. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature performance rule on the corporate network.

D. Configure both fuel server and FortiSIEM with a single-pattern temperature performance rule on the corporate network.