• ホーム
  • ブログ
  • [2022年03月] 最新のFortinet NSE7_OTS-6.4テスト問題集とオンライン試験エンジン [Q15-Q30]

[2022年03月] 最新のFortinet NSE7_OTS-6.4テスト問題集とオンライン試験エンジン [Q15-Q30]

Share

[2022年03月] 最新のFortinet NSE7_OTS-6.4テスト問題集とオンライン試験エンジン

Fortinet NSE7_OTS-6.4問題を提供していますNSE 7 Network Security Architect問題集と完璧な解答付き


Fortinet NSE7_OTS-6.4 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • 産業用イーサネットプロトコルの説明
  • FortiSIEMのルールとインシデントの説明
トピック 2
  • フォーティネット製品を使用したOTアーキテクチャの説明
  • フォーティゲートを使用したデバイス検出の実装
トピック 3
  • OTネットワークの内部セグメンテーションの実装について説明する
  • 役割ベースの認証について説明する
トピック 4
  • FortiAnalyzerとFortiSIEMを使用してレポートをカスタマイズおよび生成します
  • FortiAnalyzerとFortiSIEMを使用してログと監視を実装します
トピック 5
  • 認証を適用してデバイスへのアクセスを制御します
  • 産業用プロトコルと署名を特定します

 

質問 15
Refer to the exhibit.

An OT administrator ran a report to identify device inventory in an OT network.
Based on the report results, which report was run?

  • A. A FortiSIEM analytics report
  • B. A FortiAnalyzer device report
  • C. A FortiSIEM CMDB report
  • D. A FortiSIEM incident report

正解: C

 

質問 16
An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluctuations.
How can the OT network architect achieve this goal?

  • A. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature security rule on the corporate network.
  • B. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature performance rule on the corporate network.
  • C. Configure both fuel server and FortiSIEM with a single-pattern temperature performance rule on the corporate network.
  • D. Configure a fuel server on the corporate network, and deploy a FortiSIEM with a single pattern temperature performance rule on the remote network.

正解: D

 

質問 17
You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.
Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

  • A. Overview
  • B. Security
  • C. List
  • D. Risk
  • E. IPS

正解: A,C,D

 

質問 18
Refer to the exhibit.

Which statement about the interfaces shown in the exhibit is true?

  • A. The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.
  • B. port1, port1-vlan10, and port1-vlan1 are in different broadcast domains
  • C. port1-vlan10 and port2-vlan10 are part of the same broadcast domain
  • D. port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.

正解: B

 

質問 19
What two advantages does FortiNAC provide in the OT network? (Choose two.)

  • A. It can be used for network micro-segmentation.
  • B. It can be used for device profiling.
  • C. It can be used for industrial intrusion detection and prevention.
  • D. It can be used for IoT device detection.

正解: A,B

 

質問 20
An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.
On which device can this be accomplished?

  • A. FortiNAC
  • B. FortiEDR
  • C. FortiSwitch
  • D. FortiGate

正解: A

 

質問 21
An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.
What should the OT supervisor do to achieve this on FortiGate?

  • A. Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.
  • B. Under config user settings configure set auth-on-demand implicit.
  • C. Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
  • D. Enable two-factor authentication with FSSO.

正解: B

 

質問 22
An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.
What is a possible reason?

  • A. FortiNAC determined the user by DHCP fingerprint method
  • B. Two-factor authentication is not configured with RADIUS authentication method
  • C. FortiGate determined the user by passive authentication
  • D. The user was determined by Security Fabric

正解: A

 

質問 23
An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.
Which step must the administrator take to achieve this task?

  • A. Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.
  • B. Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.
  • C. Create a notification policy and define a script/remediation on FortiSIEM.
  • D. Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.

正解: D

 

質問 24
Refer to the exhibit.

Given the configurations on the FortiGate, which statement is true?

  • A. FortiGate is configured with forward-domains to forward only domain controller traffic.
  • B. FortiGate is configured with forward-domains to forward only company domain website traffic.
  • C. FortiGate is configured with forward-domains to reduce unnecessary traffic.
  • D. FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.

正解: C

 

質問 25
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)

  • A. Source defined as internet services in the firewall policy
  • B. Highest to lowest priority defined in the firewall policy
  • C. Destination defined as internet services in the firewall policy
  • D. Services defined in the firewall policy.
  • E. Lowest to highest policy ID number

正解: A,C,D

 

質問 26
Refer to the exhibit and analyze the output.

Which statement about the output is true?

  • A. This is a sample of FortiGate interface statistics.
  • B. This is a sample of an SNMP temperature control event log.
  • C. This is a sample of a PAM event type.
  • D. This is a sample of a FortiAnalyzer system interface event log.

正解: D

 

質問 27
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)

  • A. Enhanced point of connection details
  • B. Adapter consolidation for multi-adapter hosts
  • C. Direct VLAN assignment
  • D. Importation and classification of hosts

正解: A,C

 

質問 28
Refer to the exhibit, which shows a non-protected OT environment.

An administrator needs to implement proper protection on the OT network.
Which three steps should an administrator take to protect the OT network? (Choose three.)

  • A. Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.
  • B. Configure firewall policies with industrial protocol sensors
  • C. Deploy a FortiGate device within each ICS network.
  • D. Use segmentation
  • E. Configure firewall policies with web filter to protect the different ICS networks.

正解: A,B,E

 

質問 29
......

2022年最新のNSE7_OTS-6.4テスト解説(更新されたのは36問があります):https://www.goshiken.com/Fortinet/NSE7_OTS-6.4-mondaishu.html

関するブログ

もっと
NSE7_OTS-6.4無料問題集