CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Fortinet
  5. NSE7_OTS-7.2

Free NSE7_OTS-7.2 Exam Braindumps (page: 5)

Page 4 of 16
PDF with 62 Questions

An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful,

then users should be challenged with active authentication.
What should the OT supervisor do to achieve this on FortiGate?

  1. Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.
  2. Enable two-factor authentication with FSSO.
  3. Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
  4. Under config user settings configure set auth-on-demand implicit.

Answer(s): C

Explanation:

The OT supervisor should configure a firewall policy with FSSO users and place it on the top of list of firewall policies in order to achieve the goal of authenticating users against passive authentication first and, if passive authentication is not successful, then challenging them with active authentication.



An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.
On which device can this be accomplished?

  1. FortiGate
  2. FortiEDR
  3. FortiSwitch
  4. FortiNAC

Answer(s): A

Explanation:

An OT network architect can accomplish the goal of securing control area zones with a single network access policy to provision devices to any number of different networks on a FortiGate device.



Refer to the exhibit.



Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)

  1. Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.
  2. Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with a pair of FortiSwitch devices.
  3. IT and OT networks are separated by segmentation.
  4. FortiGate-3 and FortiGate-4 devices must be in a transparent mode.

Answer(s): A,C



Which three methods of communication are used by FortiNAC to gather visibility information? (Choose three.)

  1. SNMP
  2. ICMP
  3. API
  4. RADIUS
  5. TACACS

Answer(s): A,C,D






Post your Comments and Discuss Fortinet NSE7_OTS-7.2 exam with other Community members:

NSE7_OTS-7.2 Discussions & Posts