[OT Network Fundamentals and Segmentation] Refer to the exhibit. https://kxbjsyuhceggsyvxdkof.supabase.co/storage/v1/object/public/file-images/NSE7_OTS-7.2/page_15_img_1.jpg Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)

Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.

IT and OT networks are separated by segmentation.

Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.

Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with a pair of FortiSwitch devices.

IT and OT networks are separated by segmentation.

FortiGate-3 and FortiGate-4 devices must be in a transparent mode.

View NSE7_OTS-7.2 Exam Questions

Q: 1

[OT Network Fundamentals and Segmentation] Refer to the exhibit.

Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)

Options

Q: 2

[OT Network Fundamentals and Segmentation] A FortiGate device is newly deployed as the edge gateway of an OT network security fabric. The downstream FortiGate devices are also newly deployed as Security Fabric leafs to protect the control area zone. With no additional essential networking devices, and to implement micro-segmentation on this OT network, what configuration must the OT network architect apply to control intra-VLAN traffic?

Options

Q: 3

[Fortinet Products for OT Security] Which three common breach points can be found in a typical OT environment? (Choose three.)

Options

Q: 4

[Fortinet Products for OT Security] Operational technology (OT) network analysts run different levels of reports to identify failures that could put the network at risk Some of these reports may be related to device performance Which FortiSIEM reporting method helps identify device failures?

Options

Q: 5

[Fortinet Products for OT Security] An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication. What should the OT supervisor do to achieve this on FortiGate?

Options

Q: 6

[Fortinet Products for OT Security] What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)

Options

Q: 7

[Fortinet Products for OT Security] How can you achieve remote access and internet availability in an OT network?

Options

Q: 8

[OT Network Fundamentals and Segmentation] Refer to the exhibit.

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the Layer 2 level. What must the OT admin do to prevent Layer 2-level communication between PLC-3 and CLIENT?

Options

Q: 9

[OT Network Fundamentals and Segmentation] As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs. Which security sensor must implement to detect these types of industrial exploits?

Options

Q: 10

[Industrial Protocols and Risk Assessment] What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Options

Question 1 of 20 · Page 1 / 2

Premium Access Includes

✓ Quiz Simulator
✓ Exam Mode
✓ Progress Tracking
✓ Question Saving
✓ Flash Cards
✓ Drag & Drops
✓ 3 Months Access
✓ PDF Downloads

Get Premium Access

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE