We provide real NSE7_OTS-6.4 exam questions and answers braindumps in two formats. Download PDF & Practice Tests. Pass Fortinet NSE7_OTS-6.4 Exam quickly & easily. The NSE7_OTS-6.4 PDF type is available for reading and printing. You can print more and practice many times. With the help of our Fortinet NSE7_OTS-6.4 dumps pdf and vce product and material, you can easily pass the NSE7_OTS-6.4 exam.
Online NSE7_OTS-6.4 free questions and answers of New Version:
NEW QUESTION 1
What can be assigned using network access control policies?
- A. Layer 3 polling intervals
- B. FortiNAC device polling methods
- C. Logical networks
- D. Profiling rules
Answer: D
NEW QUESTION 2
When you create a user or host profile, which three criteria can you use? (Choose three.)
- A. Host or user group memberships
- B. Administrative group membership
- C. An existing access control policy
- D. Location
- E. Host or user attributes
Answer: ADE
NEW QUESTION 3
An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.
Which step must the administrator take to achieve this task?
- A. Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.
- B. Create a notification policy and define a script/remediation on FortiSIEM.
- C. Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.
- D. Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.
Answer: C
NEW QUESTION 4
As an OT administrator, it is important to understand how industrial protocols work in an OT network. Which communication method is used by the Modbus protocol?
- A. It uses OSI Layer 2 and the primary device sends data based on request from secondary device.
- B. It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.
- C. It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.
- D. It uses OSI Layer 2 and the secondary device sends data based on request from primary device.
Answer: D
NEW QUESTION 5
Refer to the exhibit.
You are navigating through FortiSIEM in an OT network.
How do you view information presented in the exhibit and what does the FortiGate device security status tell you?
- A. In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate device.
- B. In the summary dashboard and there are one or more high-severity security incidents for the FortiGate device.
- C. In the widget dashboard and there are one or more high-severity incidents for the FortiGate device.
- D. In the business service dashboard and there are one or more high-severity security incidents for the FortiGate device.
Answer: B
NEW QUESTION 6
Refer to the exhibit, which shows a non-protected OT environment.
An administrator needs to implement proper protection on the OT network.
Which three steps should an administrator take to protect the OT network? (Choose three.)
- A. Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.
- B. Deploy a FortiGate device within each ICS network.
- C. Configure firewall policies with web filter to protect the different ICS networks.
- D. Configure firewall policies with industrial protocol sensors
- E. Use segmentation
Answer: ACD
NEW QUESTION 7
Refer to the exhibit.
An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.
Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)
- A. The FortiGate-Edge device must be in NAT mode.
- B. NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.
- C. The FortiGate devices is in offline IDS mode.
- D. Port5 is not a member of the software switch.
Answer: AC
NEW QUESTION 8
Refer to the exhibit and analyze the output.
Which statement about the output is true?
- A. This is a sample of a FortiAnalyzer system interface event log.
- B. This is a sample of an SNMP temperature control event log.
- C. This is a sample of a PAM event type.
- D. This is a sample of FortiGate interface statistics.
Answer: A
NEW QUESTION 9
An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs. All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network.
What statement about the traffic between PLC1 and PLC2 is true?
- A. The Layer 2 switch rewrites VLAN tags before sending traffic to the FortiGate device.
- B. The Layer 2 switches routes any traffic to the FortiGate device through an Ethernet link.
- C. PLC1 and PLC2 traffic must flow through the Layer-2 switch trunk link to the FortiGate device.
- D. In order to communicate, PLC1 must be in the same VLAN as PLC2.
Answer: C
NEW QUESTION 10
Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)
- A. FortiNAC
- B. FortiManager
- C. FortiAnalyzer
- D. FortiSIEM
- E. FortiGate
Answer: ACD
NEW QUESTION 11
What triggers Layer 2 polling of infrastructure devices connected in the network?
- A. A failed Layer 3 poll
- B. A matched security policy
- C. A matched profiling rule
- D. A linkup or linkdown trap
Answer: D
NEW QUESTION 12
......
P.S. Allfreedumps.com now are offering 100% pass ensure NSE7_OTS-6.4 dumps! All NSE7_OTS-6.4 exam questions have been updated with correct answers: https://www.allfreedumps.com/NSE7_OTS-6.4-dumps.html (35 New Questions)