NSE7_OTS-7.2 Demo and Sample
Note: Answers are below each question.
Samples are taken from full version.
Latest NSE7_OTS-7.2 Exam Questions and Practice Tests 2024 - Killexams.com
NSE7_OTS-7.2 Dumps
NSE7_OTS-7.2 Braindumps NSE7_OTS-7.2 Real Questions NSE7_OTS-7.2 Practice Test NSE7_OTS-7.2 Actual Questions
Fortinet
NSE7_OTS-7.2
Trustworthy for Fortinet Certified Solution Specialist (FCSS)
https://killexams.com/pass4sure/exam-detail/NSE7_OTS-7.2
Question: 137
An OT network administrator is trying to implement active authentication. Which two methods should the administrator use to achieve this? (Choose two.)
Two-factor authentication on FortiAuthenticator
Role-based authentication on FortiNAC
FSSO authentication on FortiGate
Local authentication on FortiGate
Answer: A,D Question: 138
An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.
Which step must the administrator take to achieve this task?
Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.
Create a notification policy and define a script/remediation on FortiSIE
Define a script/remediation on FortiManager and enable a notification rule on FortiSIE
Deploy a mitigation script on Active Directory and create a notification policy on FortiSIE
Answer: B
Explanation:
Reference: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/06918379-afd1-11e9-a989- 00505692583a/Standalone_PDF.pdf
Question: 139
An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.
What should the OT supervisor do to achieve this on FortiGate?
Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.
Enable two-factor authentication with FSS
Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
Under config user settings configure set auth-on-demand implicit.
Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)
FortiNAC
FortiManager
FortiAnalyzer
FortiSIEM
FortiGate
Answer: A,D,E Question: 141 Refer to the exhibit.
Given the configurations on the FortiGate, which statement is true?
FortiGate is configured with forward-domains to reduce unnecessary traffic.
FortiGate is configured with forward-domains to forward only domain controller traffic.
FortiGate is configured with forward-domains to forward only company domain website traffic.
FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.
Answer: A Question: 142
An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.
Which statement about the industrial signature database on FortiGate is true?
A supervisor must purchase an industrial signature database and import it to the FortiGate.
An administrator must create their own database using custom signatures.
By default, the industrial database is enabled.
A supervisor can enable it through the FortiGate CL
Refer to the exhibit.
You are navigating through FortiSIEM in an OT network.
How do you view information presented in the exhibit and what does the FortiGate device security status tell you?
In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate device.
In the summary dashboard and there are one or more high-severity security incidents for the FortiGate device.
In the widget dashboard and there are one or more high-severity incidents for the FortiGate device.
In the business service dashboard and there are one or more high-severity security incidents for the FortiGate device.
Answer: B Question: 144 Refer to the exhibit.
You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken.
Each site has a FortiGate VPN gateway. What must you do to achieve this objective?
You must use a FortiAuthenticator.
You must register the same FortiToken on more than one FortiGate.
You must use the user self-registration server.
You must use a third-party RADIUS OTP server.
Answer: A Question: 145
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)
Enhanced point of connection details
Direct VLAN assignment
Adapter consolidation for multi-adapter hosts
Importation and classification of hosts
Answer: A,C,D Question: 146
Refer to the exhibit, which shows a non-protected OT environment.
An administrator needs to implement proper protection on the OT network.
Which three steps should an administrator take to protect the OT network? (Choose three.)
Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.
Deploy a FortiGate device within each ICS network.
Configure firewall policies with web filter to protect the different ICS networks.
Configure firewall policies with industrial protocol sensors
Use segmentation
Answer: A,B,D,E Question: 147
An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.
What is a possible reason?
FortiGate determined the user by passive authentication
The user was determined by Security Fabric
Two-factor authentication is not configured with RADIUS authentication method
FortiNAC determined the user by DHCP fingerprint method
Answer: A Question: 148 Refer to the exhibit.
Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)
Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.
Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with a pair of FortiSwitch devices.
IT and OT networks are separated by segmentation.
FortiGate-3 and FortiGate-4 devices must be in a transparent mode.
Answer: A,C Question: 149
An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.
Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)
You must set correct operator in event handler to trigger an event.
You can automate SOC tasks through playbooks.
Each playbook can include multiple triggers.
You cannot use Windows and Linux hosts security events with FortiSo
Answer: A,B
Explanation:
Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc
Question: 150
An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.
What are two possible reasons why the report output was empty? (Choose two.)
The administrator selected the wrong logs to be indexed in FortiAnalyzer.
The administrator selected the wrong time period for the report.
The administrator selected the wrong devices in the Devices section.
The administrator selected the wrong hcache table for the report.
Answer: A,B,C Question: 151
In a wireless network integration, how does FortiNAC obtain connecting MAC address information?
RADIUS
Link traps
End station traffic monitoring
MAC notification traps
Answer: A
6$03/( 48(67,216
7KHVH TXHVWLRQV DUH IRU GHPR SXUSRVH RQO\ )XOO YHUVLRQ LV XS WR GDWH DQG FRQWDLQV DFWXDO TXHVWLRQV DQG DQVZHUV
.LOOH[DPV FRP LV DQ RQOLQH SODWIRUP WKDW RIIHUV D ZLGH UDQJH RI VHUYLFHV UHODWHG WR FHUWLILFDWLRQ H[DP SUHSDUDWLRQ 7KH SODWIRUP SURYLGHV DFWXDO TXHVWLRQV H[DP GXPSV DQG SUDFWLFH WHVWV WR KHOS LQGLYLGXDOV SUHSDUH IRU YDULRXV FHUWLILFDWLRQ H[DPV ZLWK FRQILGHQFH +HUH DUH VRPH NH\ IHDWXUHV DQG VHUYLFHV RIIHUHG E\ .LOOH[DPV FRP
$FWXDO ([DP 4XHVWLRQV .LOOH[DPV FRP SURYLGHV DFWXDO H[DP TXHVWLRQV WKDW DUH H[SHULHQFHG LQ WHVW FHQWHUV 7KHVH TXHVWLRQV DUH XSGDWHG UHJXODUO\ WR HQVXUH WKH\ DUH XS WR GDWH DQG UHOHYDQW WR WKH ODWHVW H[DP V\OODEXV %\ VWXG\LQJ WKHVH DFWXDO TXHVWLRQV FDQGLGDWHV FDQ IDPLOLDUL]H WKHPVHOYHV ZLWK WKH FRQWHQW DQG IRUPDW RI WKH UHDO H[DP
([DP 'XPSV .LOOH[DPV FRP RIIHUV H[DP GXPSV LQ 3') IRUPDW 7KHVH GXPSV FRQWDLQ D FRPSUHKHQVLYH FROOHFWLRQ RI TXHVWLRQV DQG DQVZHUV WKDW FRYHU WKH H[DP WRSLFV %\ XVLQJ WKHVH GXPSV FDQGLGDWHV FDQ HQKDQFH WKHLU NQRZOHGJH DQG LPSURYH WKHLU FKDQFHV RI VXFFHVV LQ WKH FHUWLILFDWLRQ H[DP
3UDFWLFH 7HVWV .LOOH[DPV FRP SURYLGHV SUDFWLFH WHVWV WKURXJK WKHLU GHVNWRS 9&( H[DP VLPXODWRU DQG RQOLQH WHVW HQJLQH 7KHVH SUDFWLFH WHVWV VLPXODWH WKH UHDO H[DP HQYLURQPHQW DQG KHOS FDQGLGDWHV DVVHVV WKHLU UHDGLQHVV IRU WKH DFWXDO H[DP 7KH SUDFWLFH WHVWV FRYHU D ZLGH UDQJH RI TXHVWLRQV DQG HQDEOH FDQGLGDWHV WR LGHQWLI\ WKHLU VWUHQJWKV DQG ZHDNQHVVHV
*XDUDQWHHG 6XFFHVV .LOOH[DPV FRP RIIHUV D VXFFHVV JXDUDQWHH ZLWK WKHLU H[DP GXPSV 7KH\ FODLP WKDW E\ XVLQJ WKHLU PDWHULDOV FDQGLGDWHV ZLOO SDVV WKHLU H[DPV RQ WKH ILUVW DWWHPSW RU WKH\ ZLOO UHIXQG WKH SXUFKDVH SULFH 7KLV JXDUDQWHH SURYLGHV DVVXUDQFH DQG FRQILGHQFH WR LQGLYLGXDOV SUHSDULQJ IRU FHUWLILFDWLRQ H[DPV
8SGDWHG &RQWHQW .LOOH[DPV FRP UHJXODUO\ XSGDWHV LWV TXHVWLRQ EDQN DQG H[DP GXPSV WR HQVXUH WKDW WKH\ DUH FXUUHQW DQG UHIOHFW WKH ODWHVW FKDQJHV LQ WKH H[DP V\OODEXV 7KLV KHOSV FDQGLGDWHV VWD\ XS WR GDWH ZLWK WKH H[DP FRQWHQW DQG LQFUHDVHV WKHLU FKDQFHV RI VXFFHVV
7HFKQLFDO 6XSSRUW .LOOH[DPV FRP SURYLGHV IUHH [ WHFKQLFDO VXSSRUW WR DVVLVW FDQGLGDWHV ZLWK DQ\ TXHULHV RU LVVXHV WKH\ PD\ HQFRXQWHU ZKLOH XVLQJ WKHLU VHUYLFHV 7KHLU FHUWLILHG H[SHUWV DUH DYDLODEOH WR SURYLGH JXLGDQFH DQG KHOS FDQGLGDWHV WKURXJKRXW WKHLU H[DP SUHSDUDWLRQ MRXUQH\
'PS .PSF FYBNT WJTJU IUUQT LJMMFYBNT DPN WFOEPST FYBN MJTU
.LOO \RXU H[DP DW )LUVW $WWHPSW *XDUDQWHHG
View Practice Questions »