The Most Recent Guide To NSE7_OTS-6.4 Practice

Actualtests offers free demo for NSE7_OTS-6.4 exam. "Fortinet NSE 7 - OT Security 6.4", also known as NSE7_OTS-6.4 exam, is a Fortinet Certification. This set of posts, Passing the Fortinet NSE7_OTS-6.4 exam, will help you answer those questions. The NSE7_OTS-6.4 Questions & Answers covers all the knowledge points of the real exam. 100% real Fortinet NSE7_OTS-6.4 exams and revised by experts!

Page: 1 / 2

Total 35 questions Full Exam Access

Question 1

An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network.
What statement about the traffic between PLC1 and PLC2 is true?

The Layer 2 switch rewrites VLAN tags before sending traffic to the FortiGate device.

The Layer 2 switches routes any traffic to the FortiGate device through an Ethernet link.

PLC1 and PLC2 traffic must flow through the Layer-2 switch trunk link to the FortiGate device.

In order to communicate, PLC1 must be in the same VLAN as PLC2.

Question 2

Refer to the exhibit.
NSE7_OTS-6.4 dumps exhibit

An OT administrator ran a report to identify device inventory in an OT network. Based on the report results, which report was run?

A FortiSIEM CMDB report

A FortiAnalyzer device report

A FortiSIEM incident report

A FortiSIEM analytics report

Question 3

An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.
Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

FortiSIEM and FortiManager

FortiSandbox and FortiSIEM

FortiSOAR and FortiSIEM

A syslog server and FortiSIEM

Question 4

As an OT administrator, it is important to understand how industrial protocols work in an OT network. Which communication method is used by the Modbus protocol?

It uses OSI Layer 2 and the primary device sends data based on request from secondary device.

It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.

It uses OSI Layer 2 and the secondary device sends data based on request from primary device.

Question 5

An OT network administrator is trying to implement active authentication. Which two methods should the administrator use to achieve this? (Choose two.)

Two-factor authentication on FortiAuthenticator

Role-based authentication on FortiNAC

FSSO authentication on FortiGate

Local authentication on FortiGate

Question 6

Refer to the exhibit, which shows a non-protected OT environment.
NSE7_OTS-6.4 dumps exhibit

An administrator needs to implement proper protection on the OT network.
Which three steps should an administrator take to protect the OT network? (Choose three.)

Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.

Deploy a FortiGate device within each ICS network.

Configure firewall policies with web filter to protect the different ICS networks.

Configure firewall policies with industrial protocol sensors

Use segmentation

Question 7

What triggers Layer 2 polling of infrastructure devices connected in the network?

A failed Layer 3 poll

A matched security policy

A matched profiling rule

A linkup or linkdown trap

Question 8

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.
Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

You must set correct operator in event handler to trigger an event.

You can automate SOC tasks through playbooks.

Each playbook can include multiple triggers.

You cannot use Windows and Linux hosts security events with FortiSoC.

Question 9

When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

Known trusted devices, each time they change location

All connected devices, each time they connect

Rogue devices, only when they connect for the first time

Rogue devices, each time they connect

Question 10

Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)

FortiNAC

FortiManager

FortiAnalyzer

FortiSIEM

FortiGate

Question 11

An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.
Which step must the administrator take to achieve this task?

Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.

Create a notification policy and define a script/remediation on FortiSIEM.

Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.

Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.

Page: 1 / 2

Total 35 questions Full Exam Access