Fortinet NSE 6 - OT Security 7.6 Architect - NSE6_OTS_AR-7.6 Exam Practice Test
Question 1
Refer to the exhibit.
A firewall policy page is shown.
To improve the security of your OT network, you have configured a Supervisor profile in the firewall policies, as shown in the exhibit. However, a supervisor is reporting that he cannot ping PLC-1.
What are the two reasons? (Choose two.)
A firewall policy page is shown.
To improve the security of your OT network, you have configured a Supervisor profile in the firewall policies, as shown in the exhibit. However, a supervisor is reporting that he cannot ping PLC-1.
What are the two reasons? (Choose two.)
Correct Answer: B,D
Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).
Question 2
Refer to the exhibit. The IPS profile is added on all of the security policies on FortiGate. For an OT network, which statement of the IPS profile is true?
Correct Answer: C
Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).
Question 3
You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM.
Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)
Which three FortiSIEM options can you use to investigate these incidents? (Choose three.)
Correct Answer: A,C,D
Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).
Question 4
Refer to the exhibit. PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-2) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the layer 2 level.
What must the operational technology (OT) admin do to prevent layer 2-level communication between PLC-3 and CLIENT?
What must the operational technology (OT) admin do to prevent layer 2-level communication between PLC-3 and CLIENT?
Correct Answer: A
Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).
Question 5
Refer to the exhibit. Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)
Correct Answer: C,D
Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).
Question 6
Which statement about how FortiNAC processes matched rogue devices is true?
Correct Answer: A
Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).
Question 7
Refer to the exhibit, which shows a non-protected OT environment.
An administrator needs to implement proper protection on the OT network. Which three steps should an administrator take to protect the OT network? (Choose three.)
An administrator needs to implement proper protection on the OT network. Which three steps should an administrator take to protect the OT network? (Choose three.)
Correct Answer: B,D,E
Question 8
Refer to the exhibits.
A partial OT network and the Security Profiles section of the FortiGate_Level2 firewall policy are shown.
You have configured the FortiGate_Level2 firewall policy with a virtual patching profile because PLC-1 has vulnerabilities. A penetration test performed from the HMI device still reports vulnerabilities visible on PLC-1.
Which two additional parameters must you enable on FortiGate_Level2? (Choose two.)
A partial OT network and the Security Profiles section of the FortiGate_Level2 firewall policy are shown.
You have configured the FortiGate_Level2 firewall policy with a virtual patching profile because PLC-1 has vulnerabilities. A penetration test performed from the HMI device still reports vulnerabilities visible on PLC-1.
Which two additional parameters must you enable on FortiGate_Level2? (Choose two.)
Correct Answer: A,D
Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).
