Prepare NSE7_OTS-7.2 Exam with Using NSE7_OTS-7.2 Dump Questions

1. What triggers Layer 2 polling of infrastructure devices connected in the network?

2. Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

3. An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

4. An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site. Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources.

As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?

5. Refer to the exhibit.





You are assigned to implement a remote authentication server in the OT network.

Which part of the hierarchy should the authentication server be part of?

6. An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.

What should the OT supervisor do to achieve this on FortiGate?

7. Refer to the exhibit.





PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the Layer 2 level.

What must the OT admin do to prevent Layer 2-level communication between PLC-3 and CLIENT?

8. When device profiling rules are enabled, which devices connected on the network are evaluated by the device profiling rules?

9. Refer to the exhibit.





In order for a FortiGate device to act as router on a stick, what configuration must an OT network architect implement on FortiGate to achieve inter-VLAN routing?

10. In a wireless network integration, how does FortiNAC obtain connecting MAC address information?

11. An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.

Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

12. You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.

Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)

13. Refer to the exhibit.





Which statement about the interfaces shown in the exhibit is true?

14. The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls.

Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

15. An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.

Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

16. Which statement is correct about processing matched rogue devices by FortiNAC?

17. Refer to the exhibit





In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.

Which statement about the topology is true?

18. Which type of attack posed by skilled and malicious users of security level 4 (SL 4) of IEC 62443 is designed to defend against intentional attacks?

19. What can be assigned using network access control policies?