Download Fortinet NSE 7 - OT Security 6.4.NSE7_OTS-6.4.VCEplus.2022-03-03.35q.vcex

Vendor: Fortinet
Exam Code: NSE7_OTS-6.4
Exam Name: Fortinet NSE 7 - OT Security 6.4
Date: Mar 03, 2022
File Size: 3 MB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)
  1. Services defined in the firewall policy.
  2. Source defined as internet services in the firewall policy
  3. Lowest to highest policy ID number
  4. Destination defined as internet services in the firewall policy
  5. Highest to lowest priority defined in the firewall policy
Correct answer: ABD
Question 2
An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.  
What is a possible reason?
  1. FortiGate determined the user by passive authentication
  2. The user was determined by Security Fabric
  3. Two-factor authentication is not configured with RADIUS authentication method
  4. FortiNAC determined the user by DHCP fingerprint method
Correct answer: D
Question 3
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)
  1. Enhanced point of connection details
  2. Direct VLAN assignment 
  3. Adapter consolidation for multi-adapter hosts
  4. Importation and classification of hosts
Correct answer: AB
Question 4
An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.  
What are two possible reasons why the report output was empty? (Choose two.)
  1. The administrator selected the wrong logs to be indexed in FortiAnalyzer.
  2. The administrator selected the wrong time period for the report.
  3. The administrator selected the wrong devices in the Devices section.
  4. The administrator selected the wrong hcache table for the report.
Correct answer: BD
Question 5
Refer to the exhibit.  
Which statement about the interfaces shown in the exhibit is true?
  1. port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.
  2. The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.
  3. port1-vlan10 and port2-vlan10 are part of the same broadcast domain
  4. port1, port1-vlan10, and port1-vlan1 are in different broadcast domains
Correct answer: D
Question 6
Refer to the exhibit.  
You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.  
What must you do to achieve this objective?
  1. You must use a FortiAuthenticator.
  2. You must register the same FortiToken on more than one FortiGate.
  3. You must use the user self-registration server. 
  4. You must use a third-party RADIUS OTP server.
Correct answer: A
Question 7
Refer to the exhibit, which shows a non-protected OT environment.  
An administrator needs to implement proper protection on the OT network.  
Which three steps should an administrator take to protect the OT network? (Choose three.)
  1. Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.
  2. Deploy a FortiGate device within each ICS network.
  3. Configure firewall policies with web filter to protect the different ICS networks. 
  4. Configure firewall policies with industrial protocol sensors
  5. Use segmentation
Correct answer: ACD
Question 8
In a wireless network integration, how does FortiNAC obtain connecting MAC address information?
  2. Link traps
  3. End station traffic monitoring
  4. MAC notification traps
Correct answer: A
Question 9
An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.  
Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?
  1. FortiSIEM and FortiManager
  2. FortiSandbox and FortiSIEM
  3. FortiSOAR and FortiSIEM
  4. A syslog server and FortiSIEM
Correct answer: C
Question 10
Refer to the exhibit.  
Given the configurations on the FortiGate, which statement is true?  
  1. FortiGate is configured with forward-domains to reduce unnecessary traffic.
  2. FortiGate is configured with forward-domains to forward only domain controller traffic.
  3. FortiGate is configured with forward-domains to forward only company domain website traffic.
  4. FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.
Correct answer: A

Use VCE Exam Simulator to open VCE files


Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!