試験問題集でNSE7_OTS-7.2練習で無料最新のFortinet練習テスト
NSE7_OTS-7.2試験問題、リアルNSE7_OTS-7.2練習問題集
Fortinet NSE7_OTS-7.2試験は、オペレーショナルテクノロジー(OT)セキュリティの分野に特化したITプロフェッショナル向けの認定試験です。この試験は、Fortinet Network Security Expert(NSE)7認定プログラムの一部であり、OTネットワークやデバイスを保護するための候補者の知識とスキルをテストすることに焦点を当てています。
Fortinet NSE7_OTS-7.2試験は、OTセキュリティに特化したセキュリティ専門家にとって重要な認証資格です。この試験は、候補者のスキルと知識を試すことで、最も熟練した専門家だけが認証を受けるように設計されています。この試験に合格することは、セキュリティ専門家のキャリアにおいて重要なマイルストーンを示し、重要なインフラストラクチャやOT環境の保護に対する専門家の専門知識とコミットメントを証明します。
質問 # 12
Refer to the exhibit
In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.
Which statement about the topology is true?
- A. There is no micro-segmentation in this topology.
- B. This integration solution expands VLAN capabilities from Layer 2 to Layer 3.
- C. An administrator can create firewall policies in the switch to secure between PLCs.
- D. PLCs use IEEE802.1Q protocol to communicate each other.
正解:A
質問 # 13
An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.
Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)
- A. You must set correct operator in event handler to trigger an event.
- B. Each playbook can include multiple triggers.
- C. You cannot use Windows and Linux hosts security events with FortiSoC.
- D. You can automate SOC tasks through playbooks.
正解:A、D
解説:
Explanation
Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc
質問 # 14
What triggers Layer 2 polling of infrastructure devices connected in the network?
- A. A matched profiling rule
- B. A matched security policy
- C. A linkup or linkdown trap
- D. A failed Layer 3 poll
正解:C
質問 # 15
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)
- A. Source defined as internet services in the firewall policy
- B. Lowest to highest policy ID number
- C. Destination defined as internet services in the firewall policy
- D. Highest to lowest priority defined in the firewall policy
- E. Services defined in the firewall policy.
正解:C、D、E
解説:
The three criteria that a FortiGate device can use to look for a matching firewall policy to process traffic are:
A) Services defined in the firewall policy - FortiGate devices can match firewall policies based on the services defined in the policy, such as HTTP, FTP, or DNS.
D) Destination defined as internet services in the firewall policy - FortiGate devices can also match firewall policies based on the destination of the traffic, including destination IP address, interface, or internet services.
E) Highest to lowest priority defined in the firewall policy - FortiGate devices can prioritize firewall policies based on the priority defined in the policy. The device will process traffic against the policy with the highest priority first and move down the list until it finds a matching policy.
質問 # 16
Refer to the exhibit.
An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.
Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)
- A. The FortiGate devices is in offline IDS mode.
- B. NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.
- C. Port5 is not a member of the software switch.
- D. The FortiGate-Edge device must be in NAT mode.
正解:B、D
質問 # 17
Refer to the exhibit.
You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.
What must you do to achieve this objective?
- A. You must use a FortiAuthenticator.
- B. You must use the user self-registration server.
- C. You must register the same FortiToken on more than one FortiGate.
- D. You must use a third-party RADIUS OTP server.
正解:A
質問 # 18
An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.
What are two possible reasons why the report output was empty? (Choose two.)
- A. The administrator selected the wrong logs to be indexed in FortiAnalyzer.
- B. The administrator selected the wrong time period for the report.
- C. The administrator selected the wrong hcache table for the report.
- D. The administrator selected the wrong devices in the Devices section.
正解:B、D
解説:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/32cb817d-a307-11eb-b70b-0050569258
質問 # 19
An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.
What should the OT supervisor do to achieve this on FortiGate?
- A. Under config user settings configure set auth-on-demand implicit.
- B. Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.
- C. Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
- D. Enable two-factor authentication with FSSO.
正解:C
解説:
Explanation
The OT supervisor should configure a firewall policy with FSSO users and place it on the top of list of firewall policies in order to achieve the goal of authenticating users against passive authentication first and, if passive authentication is not successful, then challenging them with active authentication.
質問 # 20
Refer to the exhibits.
Which statement is true about the traffic passing through to PLC-2?
- A. IEC 104 signatures are all allowed except the C.BO.NA 1 signature.
- B. IPS must be enabled to inspect application signatures.
- C. SSL Inspection must be set to deep-inspection to correctly apply application control.
- D. The application filter overrides the default action of some IEC 104 signatures.
正解:D
質問 # 21
An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluctuations.
How can the OT network architect achieve this goal?
- A. Configure both fuel server and FortiSIEM with a single-pattern temperature performance rule on the corporate network.
- B. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature security rule on the corporate network.
- C. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature performance rule on the corporate network.
- D. Configure a fuel server on the corporate network, and deploy a FortiSIEM with a single pattern temperature performance rule on the remote network.
正解:C
解説:
Explanation
This way, FortiSIEM can discover and monitor everything attached to the remote network and provide security visibility to the corporate network
質問 # 22
Which three protocols are used as industrial Ethernet protocols? (Choose three.)
- A. EtherCAT
- B. EtherNet/IP
- C. M12
- D. PROFINET
- E. RJ45
正解:A、B、D
質問 # 23
Refer to the exhibit.
Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)
- A. FortiGate for SD-WAN
- B. FortiEDR for endpoint detection
- C. FortiNAC for network access control
- D. FortiGate for application control and IPS
- E. FortiSIEM for security incident and event management
正解:B、C、D
質問 # 24
What can be assigned using network access control policies?
- A. Profiling rules
- B. Layer 3 polling intervals
- C. FortiNAC device polling methods
- D. Logical networks
正解:D
質問 # 25
Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)
- A. FortiAnalyzer
- B. FortiNAC
- C. FortiSIEM
- D. FortiManager
- E. FortiGate
正解:B、C、E
質問 # 26
An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks. On which device can this be accomplished?
- A. FortiNAC
- B. FortiGate
- C. FortiEDR
- D. FortiSwitch
正解:B
解説:
An OT network architect can accomplish the goal of securing control area zones with a single network access policy to provision devices to any number of different networks on a FortiGate device.
質問 # 27
Which deployment option allows an administrator to detect intrusions without any modifications to production traffic?
- A. Virtual patching
- B. Inline IPS and IDS
- C. Offline IPS
- D. Offline IDS
正解:D
質問 # 28
How can you achieve remote access and internet availability in an OT network?
- A. Add additional internal firewalls to access OT devices.
- B. Implement SD-WAN to manage traffic on each ISP link.
- C. Create more access policies to prevent unauthorized access.
- D. Create a back-end backup network as a redundancy measure.
正解:B
質問 # 29
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)
- A. Adapter consolidation for multi-adapter hosts
- B. Direct VLAN assignment
- C. Importation and classification of hosts
- D. Enhanced point of connection details
正解:C、D
質問 # 30
You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.
Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)
- A. Risk
- B. IPS
- C. Overview
- D. Security
- E. List
正解:A、C、E
質問 # 31
Refer to the exhibit. In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall. Which statement about the topology is true?
- A. There is no micro-segmentation in this topology.
- B. This integration solution expands VLAN capabilities from Layer 2 to Layer 3.
- C. An administrator can create firewall policies in the switch to secure between PLCs.
- D. PLCs use IEEE802.1Q protocol to communicate each other.
正解:A
質問 # 32
When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?
- A. Known trusted devices, each time they change location
- B. Rogue devices, only when they connect for the first time
- C. All connected devices, each time they connect
- D. Rogue devices, each time they connect
正解:B
質問 # 33
An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.
Which statement about the industrial signature database on FortiGate is true?
- A. A supervisor must purchase an industrial signature database and import it to the FortiGate.
- B. An administrator must create their own database using custom signatures.
- C. By default, the industrial database is enabled.
- D. A supervisor can enable it through the FortiGate CLI.
正解:D
質問 # 34
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic?
(Choose three.)
- A. Source defined as internet services in the firewall policy
- B. Lowest to highest policy ID number
- C. Destination defined as internet services in the firewall policy
- D. Highest to lowest priority defined in the firewall policy
- E. Services defined in the firewall policy.
正解:C、D、E
解説:
Explanation
The three criteria that a FortiGate device can use to look for a matching firewall policy to process traffic are:
A: Services defined in the firewall policy - FortiGate devices can match firewall policies based on the services defined in the policy, such as HTTP, FTP, or DNS.
D: Destination defined as internet services in the firewall policy - FortiGate devices can also match firewall policies based on the destination of the traffic, including destination IP address, interface, or internet services.
E: Highest to lowest priority defined in the firewall policy - FortiGate devices can prioritize firewall policies based on the priority defined in the policy. The device will process traffic against the policy with the highest priority first and move down the list until it finds a matching policy.
質問 # 35
The OT network analyst run different level of reports to quickly explore failures that could put the network at risk. Such reports can be about device performance. Which FortiSIEM reporting method helps to identify device failures?
- A. Active dependent rules reports
- B. Device inventory reports
- C. CMDB operational reports
- D. Business service reports
正解:C
質問 # 36
......
確認済みNSE7_OTS-7.2試験問題集と解答で時間限定無料提供!NSE7_OTS-7.2には正解付き:https://www.goshiken.com/Fortinet/NSE7_OTS-7.2-mondaishu.html
あなたを合格させるNSE7_OTS-7.2無料問題集最新のFortinet練習テスト:https://drive.google.com/open?id=1H1KSG_o-N3xc9ZcFSZpyskaQufSdb6s1