Download Fortinet NSE 7 - OT Security 7.2.NSE7_OTS-7.2.PassLeader.2025-02-28.30q.vcex

Vendor: Fortinet
Exam Code: NSE7_OTS-7.2
Exam Name: Fortinet NSE 7 - OT Security 7.2
Date: Feb 28, 2025
File Size: 18 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAMFILESCOM

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator
ProfExam Discount

Demo Questions

Question 1
An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network. Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.) 
  1. You must set correct operator in event handler to trigger an event. 
  2. You can automate SOC tasks through playbooks. 
  3. Each playbook can include multiple triggers. 
  4. You cannot use Windows and Linux hosts security events with FortiSoC. 
Correct answer: AB
Explanation:
https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc 
https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc 
Question 2
You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM. Which three FortiSIEM options can you use to investigate these incidents? (Choose three.) 
  1. Security 
  2. IPS 
  3. List 
  4. Risk 
  5. Overview 
Correct answer: CDE
Question 3
When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules? 
  1. Known trusted devices, each time they change location. 
  2. All connected devices, each time they connect. 
  3. Rogue devices, only when they connect for the first time. 
  4. Rogue devices, each time they connect. 
Correct answer: C
Question 4
What two advantages does FortiNAC provide in the OT network? (Choose two.) 
  1. It can be used for IoT device detection. 
  2. It can be used for industrial intrusion detection and prevention. 
  3. It can be used for network micro-segmentation. 
  4. It can be used for device profiling. 
Correct answer: AD
Explanation:
Typically, in a microsegmented network, NGFWs are used in conjunction with VLANs to implement security policies and to inspect and filter network communications. Fortinet FortiSwitch and FortiGate NGFW offer an integrated approach to microsegmentation. 
Typically, in a microsegmented network, NGFWs are used in conjunction with VLANs to implement security policies and to inspect and filter network communications. Fortinet FortiSwitch and FortiGate NGFW offer an integrated approach to microsegmentation. 
Question 5
What triggers Layer 2 polling of infrastructure devices connected in the network? 
  1. A failed Layer 3 poll. 
  2. A matched security policy. 
  3. A matched profiling rule. 
  4. A linkup or linkdown trap. 
Correct answer: D
Question 6
An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer. What are two possible reasons why the report output was empty? (Choose two.) 
  1. The administrator selected the wrong logs to be indexed in FortiAnalyzer. 
  2. The administrator selected the wrong time period for the report. 
  3. The administrator selected the wrong devices in the Devices section. 
  4. The administrator selected the wrong hcache table for the report. 
Correct answer: BC
Question 7
An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device. Which statement about the industrial signature database on FortiGate is true? 
  1. A supervisor must purchase an industrial signature database and import it to the FortiGate. 
  2. An administrator must create their own database using custom signatures. 
  3. By default, the industrial database is enabled. 
  4. A supervisor can enable it through the FortiGate CLI. 
Correct answer: D
Question 8
What can be assigned using network access control policies? 
  1. Layer 3 polling intervals. 
  2. FortiNAC device polling methods. 
  3. Logical networks. 
  4. Profiling rules. 
Correct answer: C
Question 9
As an OT administrator, it is important to understand how industrial protocols work in an OT network. Which communication method is used by the Modbus protocol? 
  1. It uses OSI Layer 2 and the primary device sends data based on request from secondary device. 
  2. It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication. 
  3. It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring. 
  4. It uses OSI Layer 2 and the secondary device sends data based on request from primary device. 
Correct answer: D
Question 10
An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluctuations. 
How can the OT network architect achieve this goal? 
  1. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature security rule on the corporate network. 
  2. Configure a fuel server on the corporate network, and deploy a FortiSIEM with a single pattern temperature performance rule on the remote network. 
  3. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature performance rule on the corporate network. 
  4. Configure both fuel server and FortiSIEM with a single-pattern temperature performance rule on the corporate network. 
Correct answer: C
Explanation:
This way, FortiSIEM can discover and monitor everything attached to the remote network and provide security visibility to the corporate network. 
This way, FortiSIEM can discover and monitor everything attached to the remote network and provide security visibility to the corporate network. 
Question 11
How can you achieve remote access and internel availability in an OT network? 
  1. Create a back-end backup network as a redundancy measure. 
  2. Implement SD-WAN to manage traffic on each ISP link. 
  3. Add additional internal firewalls to access OT devices. 
  4. Create more access policies to prevent unauthorized access. 
Correct answer: B
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!