最新のFortinet NSE7_OTS-6.4のPDFと問題集で(2023)無料試験問題解答
あなたを合格させるNSE 7 Network Security Architect NSE7_OTS-6.4試験問題集で2023年10月19日には37問あります
質問 # 18
Refer to the exhibit and analyze the output.
Which statement about the output is true?
- A. This is a sample of a FortiAnalyzer system interface event log.
- B. This is a sample of an SNMP temperature control event log.
- C. This is a sample of a PAM event type.
- D. This is a sample of FortiGate interface statistics.
正解:C
質問 # 19
Refer to the exhibit.
An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.
Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)
- A. The FortiGate-Edge device must be in NAT mode.
- B. NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.
- C. The FortiGate devices is in offline IDS mode.
- D. Port5 is not a member of the software switch.
正解:A、C
質問 # 20
An OT network administrator is trying to implement active authentication.
Which two methods should the administrator use to achieve this? (Choose two.)
- A. Local authentication on FortiGate
- B. Two-factor authentication on FortiAuthenticator
- C. FSSO authentication on FortiGate
- D. Role-based authentication on FortiNAC
正解:B、D
質問 # 21
Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)
- A. FortiAnalyzer
- B. FortiManager
- C. FortiGate
- D. FortiSIEM
- E. FortiNAC
正解:C、D、E
解説:
1. FortiNAC - FortiNAC is a network access control solution that provides visibility and control over network devices. It can identify devices, enforce access policies, and automate threat response.
2. FortiSIEM - FortiSIEM is a security information and event management solution that can collect and analyze data from multiple sources, including network devices and servers. It can help identify potential security threats, as well as monitor compliance with security policies and regulations.
3. FortiAnalyzer - FortiAnalyzer is a central logging and reporting solution that collects and analyzes data from multiple sources, including FortiNAC and FortiSIEM. It can provide insights into network activity and help identify anomalies or security threats.
Reference:
Fortinet NSE 7 - OT Security 6.4 Study Guide, Chapter 4: OT Security Devices, page 4-20.
質問 # 22
What can be assigned using network access control policies?
- A. Logical networks
- B. Layer 3 polling intervals
- C. FortiNAC device polling methods
- D. Profiling rules
正解:A
質問 # 23
An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.
What are two possible reasons why the report output was empty? (Choose two.)
- A. The administrator selected the wrong time period for the report.
- B. The administrator selected the wrong logs to be indexed in FortiAnalyzer.
- C. The administrator selected the wrong devices in the Devices section.
- D. The administrator selected the wrong hcache table for the report.
正解:A、D
質問 # 24
Refer to the exhibit and analyze the output.
Which statement about the output is true?
- A. This is a sample of a FortiAnalyzer system interface event log.
- B. This is a sample of an SNMP temperature control event log.
- C. This is a sample of a PAM event type.
- D. This is a sample of FortiGate interface statistics.
正解:A
質問 # 25
An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.
Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)
- A. You can automate SOC tasks through playbooks.
- B. Each playbook can include multiple triggers.
- C. You cannot use Windows and Linux hosts security events with FortiSoC.
- D. You must set correct operator in event handler to trigger an event.
正解:A、D
解説:
Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc
質問 # 26
Refer to the exhibit.
An OT architect has implemented a Modbus TCP with a simulation server Conpot to identify and control the Modus traffic in the OT network. The FortiGate-Edge device is configured with a software switch interface ssw-01.
Based on the topology shown in the exhibit, which two statements about the successful simulation of traffic between client and server are true? (Choose two.)
- A. NAT is disabled in the FortiGate firewall policy from port3 to ssw-01.
- B. The FortiGate-Edge device must be in NAT mode.
- C. The FortiGate devices is in offline IDS mode.
- D. Port5 is not a member of the software switch.
正解:A、B
質問 # 27
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic? (Choose three.)
- A. Services defined in the firewall policy.
- B. Destination defined as internet services in the firewall policy
- C. Source defined as internet services in the firewall policy
- D. Highest to lowest priority defined in the firewall policy
- E. Lowest to highest policy ID number
正解:A、B、D
解説:
The three criteria that a FortiGate device can use to look for a matching firewall policy to process traffic are:
1. Services defined in the firewall policy - FortiGate devices can match firewall policies based on the services defined in the policy, such as HTTP, FTP, or DNS.
2. Destination defined as internet services in the firewall policy - FortiGate devices can also match firewall policies based on the destination of the traffic, including destination IP address, interface, or internet services.
3. Highest to lowest priority defined in the firewall policy - FortiGate devices can prioritize firewall policies based on the priority defined in the policy. The device will process traffic against the policy with the highest priority first and move down the list until it finds a matching policy.
Reference:
Fortinet NSE 7 - Enterprise Firewall 6.4 Study Guide, Chapter 4: Policy Implementation, page 4-18.
質問 # 28
An OT administrator is defining an incident notification policy using FortiSIEM and would like to configure the system with a notification policy. If an incident occurs, the administrator would like to be able to intervene and block an IP address or disable a user in Active Directory from FortiSIEM.
Which step must the administrator take to achieve this task?
- A. Configure a fabric connector with a notification policy on FortiSIEM to connect with FortiGate.
- B. Define a script/remediation on FortiManager and enable a notification rule on FortiSIEM.
- C. Deploy a mitigation script on Active Directory and create a notification policy on FortiSIEM.
- D. Create a notification policy and define a script/remediation on FortiSIEM.
正解:B
質問 # 29
An administrator wants to use FortiSoC and SOAR features on a FortiAnalyzer device to detect and block any unauthorized access to FortiGate devices in an OT network.
Which two statements about FortiSoC and SOAR features on FortiAnalyzer are true? (Choose two.)
- A. You can automate SOC tasks through playbooks.
- B. Each playbook can include multiple triggers.
- C. You cannot use Windows and Linux hosts security events with FortiSoC.
- D. You must set correct operator in event handler to trigger an event.
正解:A、D
解説:
Ref: https://docs.fortinet.com/document/fortianalyzer/7.0.0/administration-guide/268882/fortisoc
質問 # 30
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)
- A. Enhanced point of connection details
- B. Adapter consolidation for multi-adapter hosts
- C. Direct VLAN assignment
- D. Importation and classification of hosts
正解:A、C
質問 # 31
An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication.
What is a possible reason?
- A. FortiGate determined the user by passive authentication
- B. Two-factor authentication is not configured with RADIUS authentication method
- C. The user was determined by Security Fabric
- D. FortiNAC determined the user by DHCP fingerprint method
正解:A
質問 # 32
Refer to the exhibit.
Which statement about the interfaces shown in the exhibit is true?
- A. port1, port1-vlan10, and port1-vlan1 are in different broadcast domains
- B. port1-vlan10 and port2-vlan10 are part of the same broadcast domain
- C. port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.
- D. The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.
正解:A
質問 # 33
Refer to the exhibit.
An OT administrator ran a report to identify device inventory in an OT network.
Based on the report results, which report was run?
- A. A FortiSIEM CMDB report
- B. A FortiAnalyzer device report
- C. A FortiSIEM incident report
- D. A FortiSIEM analytics report
正解:A
質問 # 34
What can be assigned using network access control policies?
- A. Layer 3 polling intervals
- B. Profiling rules
- C. FortiNAC device polling methods
- D. Logical networks
正解:B
質問 # 35
An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.
What are two possible reasons why the report output was empty? (Choose two.)
- A. The administrator selected the wrong time period for the report.
- B. The administrator selected the wrong logs to be indexed in FortiAnalyzer.
- C. The administrator selected the wrong devices in the Devices section.
- D. The administrator selected the wrong hcache table for the report.
正解:A、C
解説:
https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/32cb817d-a307-11eb-b70b-00505692583a/FortiAnalyzer-7.0.0-Administration_Guide.pdf
質問 # 36
Which three common breach points can be found in a typical OT environment? (Choose three.)
- A. Hard hat
- B. Global hat
- C. Black hat
- D. VLAN exploits
- E. RTU exploits
正解:C、D、E
質問 # 37
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)
- A. Direct VLAN assignment
- B. Enhanced point of connection details
- C. Adapter consolidation for multi-adapter hosts
- D. Importation and classification of hosts
正解:B、D
解説:
The two benefits of a Nozomi integration with FortiNAC are enhanced point of connection details and importation and classification of hosts. Enhanced point of connection details allows for the identification and separation of traffic from multiple points of connection, such as Wi-Fi, wired, cellular, and VPN. Importation and classification of hosts allows for the automated importing and classification of host and device information into FortiNAC. This allows for better visibility and control of the network.
質問 # 38
Which three common breach points can be found in a typical OT environment? (Choose three.)
- A. Hard hat
- B. VLAN exploits
- C. Global hat
- D. Black hat
- E. RTU exploits
正解:A、D、E
質問 # 39
Refer to the exhibit, which shows a non-protected OT environment.
An administrator needs to implement proper protection on the OT network.
Which three steps should an administrator take to protect the OT network? (Choose three.)
- A. Configure firewall policies with industrial protocol sensors
- B. Deploy an edge FortiGate between the internet and an OT network as a one-arm sniffer.
- C. Configure firewall policies with web filter to protect the different ICS networks.
- D. Use segmentation
- E. Deploy a FortiGate device within each ICS network.
正解:A、B、C
質問 # 40
An OT network architect must deploy a solution to protect fuel pumps in an industrial remote network. All the fuel pumps must be closely monitored from the corporate network for any temperature fluctuations.
How can the OT network architect achieve this goal?
- A. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature security rule on the corporate network.
- B. Configure a fuel server on the corporate network, and deploy a FortiSIEM with a single pattern temperature performance rule on the remote network.
- C. Configure both fuel server and FortiSIEM with a single-pattern temperature performance rule on the corporate network.
- D. Configure a fuel server on the remote network, and deploy a FortiSIEM with a single pattern temperature performance rule on the corporate network.
正解:B
質問 # 41
......
NSE7_OTS-6.4問題集はNSE 7 Network Security Architect認証済み試験問題と解答:https://jp.fast2test.com/NSE7_OTS-6.4-premium-file.html
NSE7_OTS-6.4無料試験学習ガイド!(更新された37問あります):https://drive.google.com/open?id=1cprfWmZ0Y1r0EYXrzBmfBLRcoe4vudBh