Which statement about the interfaces shown in the exhibit is true

port1, port1-vlan10, and port1-vlan1 are in different broadcast domains

port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.

The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.

port1-vlan10 and port2-vlan10 are part of the same broadcast domain

Which statemenl about the IEC 104 protocol is true?

IEC 104 is used for telecontrol SCADA in electrical engineering applications.

IEC 104 is IEC 101 compliant in old SCADA systems.

IEC 104 protects data transmission between OT devices and services.

IEC 104 uses non-TCP/IP standards.

Which statement is true about the traffic passing through to PLC-2?

The application filter overrides the default action of some IEC 104 signatures.

IPS must be enabled to inspect application signatures.

IEC 104 signatures are all allowed except the C.BO.NA 1 signature.

SSL Inspection must be set to deep-inspection to correctly apply application control.

An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer. What are two possible reasons why the report output was empty? (Choose two.)

The administrator selected the wrong time period for the report.

The administrator selected the wrong devices in the Devices section.

The administrator selected the wrong logs to be indexed in FortiAnalyzer.

The administrator selected the wrong hcache table for the report.

What two advantages does FortiNAC provide in the OT network? (Choose two.)

It can be used for IoT device detection.

It can be used for device profiling.

It can be used for industrial intrusion detection and prevention.

It can be used for network micro-segmentation.

How can you achieve remote access and internel availability in an OT network?

Implement SD-WAN to manage traffic on each ISP link.

Create a back-end backup network as a redundancy measure.

Add additional internal firewalls to access OT devices.

Create more access policies to prevent unauthorized access.

How can you achieve remote access and internel availability in an OT network?

Implement SD-WAN to manage traffic on each ISP link.

Create a back-end backup network as a redundancy measure.

Add additional internal firewalls to access OT devices.

Create more access policies to prevent unauthorized access.

Which statement about some of the generated report elements from FortiAnalyzer is true?

The report confirms Modbus and IEC 104 are the key applications crossing the network

FortiGate collects the logs and generates the report to FortiAnalyzer.

The file types confirm the infected applications on the PLCs.

This report is predefined and is not available for customization.

Which statement is true about application control inspection?

The parent signature takes precedence over the child application signature.

The industrial application control inspection process is unique among application categories.

Security actions cannot be applied on the lowest level of the hierarchy

You can control security actions only on the parent-level application signature

In order for a FortiGate device to act as router on a stick, what configuration must an OT network architect implement on FortiGate to achieve inter-VLAN routing?

Set a FortiGate interface with the switch to operate as an 802.1 q trunk.

Set a unique forward domain on each interface on the network.

Set FortiGate to operate in transparent mode.

Set a software switch on FortiGate to handle inter-VLAN traffic.

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT cannot send traffic to each other. Which two statements about the traffic between PCL-1 and PLC-2 are true? (Choose two.)

Micro-segmentation on FGT-2 prevents direct device-to-device communication.

FGT-2 controls intra-VLAN traffic through firewall policies.

The switch on FGT-2 must be hardware to implement micro-segmentation.

Traffic must be inspected by FGT-EDGE in OT networks.

A FortiGate device is newly deployed as the edge gateway of an OT network security fabric. The downstream FortiGate devices are also newly deployed as Security Fabric leafs to protect the control area zone. With no additional essential networking devices, and to implement micro-segmentation on this OT network, what configuration must the OT network architect apply to control intra-VLAN traffic?

Set up VPN tunnels between downstream and edge FortiGate devices.

Enable transparent mode on the edge FortiGate device.

Enable security profiles on all interfaces connected in the control area zone.

Create a software switch on each downstream FortiGate device

An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01. Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)

The FortiGate-Edge device must be in NAT mode.

NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.

The FortiGate devices is in offline IDS mode.

Port5 is not a member of the software switch.

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device. Which statement about the industrial signature database on FortiGate is true?

A supervisor can enable it through the FortiGate CLI.

A supervisor must purchase an industrial signature database and import it to the FortiGate.

An administrator must create their own database using custom signatures.

By default, the industrial database is enabled.

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Planning a threat hunting strategy

Creating disaster recovery plans to switch operations to a backup plant

Implementing strategies to automatically bring PLCs offline

Evaluating what can go wrong before it happens

An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network. Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)

You must set correct operator in event handler to trigger an event.

You can automate SOC tasks through playbooks.

Each playbook can include multiple triggers.

You cannot use Windows and Linux hosts security events with FortiSoC.

As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs. Which security sensor must implement to detect these types of industrial exploits?

Intrusion prevention system (IPS)

An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication. What is a possible reason?

FortiGate determined the user by passive authentication

The user was determined by Security Fabric

Two-factor authentication is not configured with RADIUS authentication method

FortiNAC determined the user by DHCP fingerprint method

Given the configurations on the FortiGate, which statement is true?

FortiGate is configured with forward-domains to reduce unnecessary traffic.

FortiGate is configured with forward-domains to forward only domain controller traffic.

FortiGate is configured with forward-domains to forward only company domain website traffic.

FortiGate is configured with forward-domains to filter and drop non-domain controller traffic.

Which two statements about the Modbus protocol are true? (Choose two.)

Most of the PLC brands come with a built-in Modbus module.

You can implement Modbus networking settings on internetworking devices.

Modbus uses UDP frames to transport MBAP and function codes.

Modbus is used to establish communication between intellig

Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

Network traffic goes through FortiGate.

FortiGate acts as network sensor.

FortiGate receives traffic from configured port mirroring.

Network attacks can be detected and blocked.

An administrator needs to implement proper protection on the OT network. Which three steps should an administrator take to protect the OT network? (Choose three.)

Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.

Configure firewall policies with web filter to protect the different ICS networks.

Configure firewall policies with industrial protocol sensors

Deploy a FortiGate device within each ICS network

An OT network security audit concluded that the application sensor requires changes to ensure the correct security action is committed against the overrides filters. Which change must the OT network administrator make?

Remove IEC.60870.5.104 Information.Transfer from the first filter override.

Set all application categories to apply default actions.

Change the security action of the industrial category to monitor.

Set the priority of the C.BO.NA .1 signature override to 1.

To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?

By inspecting applications only on nonprotected traffic

By inspecting software and software-based vulnerabilities

By inspecting applications with more granularity by inspecting subapplication traffic

By inspecting protocols used in the application traffic

Which statement is correct about processing matched rogue devices by FortiNAC?

FortiNAC matches the rogue device with only one device profiling rule.

FortiNAC cannot revalidate matched devices.

FortiNAC remembers the match ng rule of the rogue device

FortiNAC disables matching rule of previously-profiled rogue devices.

When you create a user or host profile, which three criteria can you use? (Choose three.)

Administrative group membership

An existing access control policy

OT 7.2

Authored by Sergio Ortiz

Computers

Professional Development

AI Actions

Add similar questions

Adjust reading levels

Convert to real-world scenario

Translate activity

More...

Content View

Student View

43 questions

Show all answers

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The IPS profile is added on all of the security policies on FortiGate. For an OT network, which statement of the IPS profile is true?

FortiGate has no IPS industrial signature database enabled

The listed IPS signatures are classified as SCADAapphcat nns

All IPS signatures are overridden and must block traffic match signature patterns

The IPS profile inspects only traffic originating from SCADA equipment.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?

Each traffic VDOM must have a direct connection to FortiGuard services to receive the required security updates.

The management VDOM must have access to all global security services

Each VDOM must have an independent security license

Traffic between VDOMs must pass through the physical interfaces of FortiGate to check for security incidents.

MULTIPLE SELECT QUESTION

45 sec • 1 pt

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

FortiGate for SD-WAN

FortiGate for application control and IPS

FortiNAC for network access control

FortiSIEM for security incident and event management

FortiEDR for endpoint detection

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

What can be assigned using network access control policies?

Layer 3 polling intervals

FortiNAC device polling methods

Logical networks

Profiling rules

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

FortiAnalyzer is implemented in the OT network to receive logs from responsible FortiGate devices. The logs must be processed by FortiAnalyzer.
In this scenario, which statement is correct about the purpose of FortiAnalyzer receiving and processing multiple log messages from a given PLC or RTU?

To isolate PLCs or RTUs in the event of external attacks

To configure event handlers and take further action on FortiGate

To determine which type of messages from the PLC or RTU causes issues in the plant

To help OT administrators configure the network and prevent breaches

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

As an OT administrator, it is important to understand how industrial protocols work in an OT network.
Which communication method is used by the Modbus protocol?

It uses OSI Layer 2 and the primary device sends data based on request from secondary device.

It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.

It uses OSI Layer 2 and the secondary device sends data based on request from primary device.

MULTIPLE CHOICE QUESTION

30 sec • 1 pt

The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

CMDB reports

Threat hunting reports

Compliance reports

OT/loT reports

Access all questions and much more by creating a free account

Create resources

Host any resource

Get auto-graded reports

Continue with Google

Continue with Email

Continue with Classlink

Continue with Clever

or continue with

Microsoft

Apple

Others

Already have an account?

Similar Resources on Wayground

38 questions

Digital Marketer Revision 1

Quiz

•

Professional Development

45 questions

SAP EWM Set 3

Quiz

•

Professional Development

39 questions

AZ900-04

Quiz

•

Professional Development

41 questions

TCS NQT Mock Test 1,VERBAL ABILITY,QUANTITATIVE APTITUDE,PROGRAM

Quiz

•

Professional Development

40 questions

RL Tema 16. Cuestionario

Quiz

•

Professional Development

39 questions

AZ900-05

Quiz

•

Professional Development

40 questions

Net+ Day 1 OSI Model Topologies and Cables

Quiz

•

Professional Development

45 questions

Snowflake pro core 80 Qst part 1.2

Quiz

•

Professional Development

Popular Resources on Wayground

15 questions

Grade 3 Simulation Assessment 1

Quiz

•

3rd Grade

22 questions

HCS Grade 4 Simulation Assessment_1 2526sy

Quiz

•

4th Grade

16 questions

Grade 3 Simulation Assessment 2

Quiz

•

3rd Grade

19 questions

HCS Grade 5 Simulation Assessment_1 2526sy

Quiz

•

5th Grade

17 questions

HCS Grade 4 Simulation Assessment_2 2526sy

Quiz

•

4th Grade

20 questions

Equivalent Fractions

Quiz

•

3rd Grade

24 questions

HCS Grade 5 Simulation Assessment_2 2526sy

Quiz

•

5th Grade

20 questions

Math Review

Quiz

•

3rd Grade

Discover more resources for Computers

20 questions

Block Buster Movies

Quiz

•

10th Grade - Professi...

40 questions

Flags of the World

Quiz

•

KG - Professional Dev...

10 questions

Lead Awareness Health Hazards

Quiz

•

Professional Development

OT 7.2

The IPS profile is added on all of the security policies on FortiGate. For an OT network, which statement of the IPS profile is true?

With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

What can be assigned using network access control policies?

FortiAnalyzer is implemented in the OT network to receive logs from responsible FortiGate devices. The logs must be processed by FortiAnalyzer.In this scenario, which statement is correct about the purpose of FortiAnalyzer receiving and processing multiple log messages from a given PLC or RTU?

As an OT administrator, it is important to understand how industrial protocols work in an OT network.Which communication method is used by the Modbus protocol?

The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

You are assigned to implement a remote authentication server in the OT network. Which part of the hierarchy should the authentication server be part of?

Which statement about the interfaces shown in the exhibit is true

Which statemenl about the IEC 104 protocol is true?

Access all questions and much more by creating a free account

Similar Resources on Wayground

Popular Resources on Wayground

Discover more resources for Computers

FortiAnalyzer is implemented in the OT network to receive logs from responsible FortiGate devices. The logs must be processed by FortiAnalyzer.
In this scenario, which statement is correct about the purpose of FortiAnalyzer receiving and processing multiple log messages from a given PLC or RTU?

As an OT administrator, it is important to understand how industrial protocols work in an OT network.
Which communication method is used by the Modbus protocol?