• Home
  • Articles
  • Pass Your Fortinet NSE7_OTS-6.4 Exam with Correct 36 Questions and Answers [Q14-Q36]

Pass Your Fortinet NSE7_OTS-6.4 Exam with Correct 36 Questions and Answers [Q14-Q36]

Share

Pass Your Fortinet NSE7_OTS-6.4 Exam with Correct 36 Questions and Answers

Latest [Apr 05, 2022] 2022 Realistic Verified NSE7_OTS-6.4 Dumps

NEW QUESTION 14
An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.
What is a possible reason?

  • A. FortiNAC determined the user by DHCP fingerprint method
  • B. Two-factor authentication is not configured with RADIUS authentication method
  • C. FortiGate determined the user by passive authentication
  • D. The user was determined by Security Fabric

Answer: A

 

NEW QUESTION 15
An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.
Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

  • A. Each playbook can include multiple triggers.
  • B. You cannot use Windows and Linux hosts security events with FortiSoC.
  • C. You can automate SOC tasks through playbooks.
  • D. You must set correct operator in event handler to trigger an event.

Answer: A,C

Explanation:
Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc

 

NEW QUESTION 16
Refer to the exhibit.

Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)

  • A. IT and OT networks are separated by segmentation.
  • B. Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with a pair of FortiSwitch devices.
  • C. FortiGate-3 and FortiGate-4 devices must be in a transparent mode.
  • D. Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.

Answer: A,C

 

NEW QUESTION 17
Refer to the exhibit.

You are navigating through FortiSIEM in an OT network.
How do you view information presented in the exhibit and what does the FortiGate device security status tell you?

  • A. In the summary dashboard and there are one or more high-severity security incidents for the FortiGate device.
  • B. In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate device.
  • C. In the business service dashboard and there are one or more high-severity security incidents for the FortiGate device.
  • D. In the widget dashboard and there are one or more high-severity incidents for the FortiGate device.

Answer: A

 

NEW QUESTION 18
An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication.
What should the OT supervisor do to achieve this on FortiGate?

  • A. Configure a firewall policy with LDAP users and place it on the top of list of firewall policies.
  • B. Under config user settings configure set auth-on-demand implicit.
  • C. Configure a firewall policy with FSSO users and place it on the top of list of firewall policies.
  • D. Enable two-factor authentication with FSSO.

Answer: B

 

NEW QUESTION 19
As an OT administrator, it is important to understand how industrial protocols work in an OT network.
Which communication method is used by the Modbus protocol?

  • A. It uses OSI Layer 2 and the primary device sends data based on request from secondary device.
  • B. It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.
  • C. It uses OSI Layer 2 and the secondary device sends data based on request from primary device.
  • D. It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

Answer: C

 

NEW QUESTION 20
Refer to the exhibit.

Given the configurations on the FortiGate, which statement is true?

  • A. FortiGate is configured with forward-domains to forward only domain controller traffic.
  • B. FortiGate is configured with forward-domains to forward only company domain website traffic.
  • C. FortiGate is configured with forward-domains to reduce unnecessary traffic.
  • D. FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.

Answer: C

 

NEW QUESTION 21
Refer to the exhibit.

You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.
What must you do to achieve this objective?

  • A. You must register the same FortiToken on more than one FortiGate.
  • B. You must use the user self-registration server.
  • C. You must use a FortiAuthenticator.
  • D. You must use a third-party RADIUS OTP server.

Answer: C

 

NEW QUESTION 22
Which three methods of communication are used by FortiNAC to gather visibility information? (Choose three.)

  • A. SNMP
  • B. RADIUS
  • C. TACACS
  • D. API
  • E. ICMP

Answer: A,B,D

 

NEW QUESTION 23
An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.
On which device can this be accomplished?

  • A. FortiNAC
  • B. FortiEDR
  • C. FortiSwitch
  • D. FortiGate

Answer: A

 

NEW QUESTION 24
Refer to the exhibit.

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

  • A. FortiNAC for network access control
  • B. FortiEDR for endpoint detection
  • C. FortiGate for application control and IPS
  • D. FortiGate for SD-WAN
  • E. FortiSIEM for security incident and event management

Answer: A,C,E

 

NEW QUESTION 25
Refer to the exhibit

In the topology shown in the exhibit, both PLCs can communicate directly with each other, without going through the firewall.
Which statement about the topology is true?

  • A. This integration solution expands VLAN capabilities from Layer 2 to Layer 3.
  • B. An administrator can create firewall policies in the switch to secure between PLCs.
  • C. There is no micro-segmentation in this topology.
  • D. PLCs use IEEE802.1Q protocol to communicate each other.

Answer: C

 

NEW QUESTION 26
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)

  • A. Enhanced point of connection details
  • B. Adapter consolidation for multi-adapter hosts
  • C. Direct VLAN assignment
  • D. Importation and classification of hosts

Answer: A,C

 

NEW QUESTION 27
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)

  • A. Source defined as internet services in the firewall policy
  • B. Highest to lowest priority defined in the firewall policy
  • C. Destination defined as internet services in the firewall policy
  • D. Services defined in the firewall policy.
  • E. Lowest to highest policy ID number

Answer: A,C,D

 

NEW QUESTION 28
......

Get 2022 Updated Free Fortinet NSE7_OTS-6.4 Exam Questions and Answer: https://www.preppdf.com/Fortinet/NSE7_OTS-6.4-prepaway-exam-dumps.html

Pass NSE7_OTS-6.4 Exam Updated 36 Questions: https://drive.google.com/open?id=13CL9HA3oa8JAxLQg8mgTskiE3ZPxisIv

Related Articles

more
Fortinet NSE7_OTS-6.4 Certification Practice Exam