option
Cuestiones
ayuda
daypo
buscar.php

Test Forti

COMENTARIOS ESTADÍSTICAS RÉCORDS
REALIZAR TEST
Título del Test:
Test Forti

Descripción:
Test Forti

Fecha de Creación: 2026/07/15

Categoría: Otros

Número Preguntas: 47

Valoración:(0)
COMPARTE EL TEST
Nuevo ComentarioNuevo Comentario
Comentarios
NO HAY REGISTROS
Temario:

Which industrial protocol does not support VLANs?. Ethernet POWERLINK. Ethernet over industrial protocol. EtherCAT. Modbus over TCP.

Refer to the exhibit, The Core Network Security Connectors page of the FortiGate-2 device is shown. Which statement is correct?. FortiGate-2 serves as Fabric Root. You must enable Security Fabric Connection on the FortiGate-2 interface. You must configure the FortiAnalyzer settings on FortiGate-2. FortiGate-2 is not authorized on the root FortiGate.

A partial Basic Event Handler page on FortiAnalyzer and the creation of a trigger in a FortiGate device are shown. To improve the protection of your OT network, you want to automate the handling of compromised devices notified through FortiAnalyzer. You have configured an event handler as shown in the exhibit. When you create the trigger on the FortiGate device, the Event handler name field does not provide the Alert_trigger option. What two actions must you perform to make the Alert_trigger option available? (Choose two.). You must click + Create in the Event handler name field. You must authorize the FortiGate device on FortiAnalyzer. You must configure the FortiAnalyzer setting on the FortiGate device. You must configure the trigger on the root FortiGate.

The OT devices behind the ruggedized FortiGate have vulnerabilities and you want to apply a virtual patching profile in the firewall policy. Why is Virtual Patching not available in the Security Profiles section?. You must enable Virtual Patching in the Feature Visibility section. You must have a ruggedized FortiGate allowing the virtual patching feature. You must enable OT signatures. You must have a valid OT security service license.

A partial Application Sensor profile is shown. When you apply this profile in a firewall policy, which two statements are correct? (Choose two.). OT signatures are enabled. All OT protocols are monitored. Modbus write commands are blocked. A log is provided for each Modbus read holding registers command.

To improve visibility into the risks in your OT network, you would like to create a new report on FortiAnalyzer. What must you do to create this report?. Create a template or use an existing one. Import a report created in FortiSIEM. Enable the FortiAnalyzer Fabric settings. Clone a predefined report to create a new one.

DRAG DROP Match each industrial protocol to its corresponding characteristics. Select each OT industrial protocol in the column on the left and drag and drop it into the blank space next to its corresponding characteristics in the column on the right. After matching a device type to its characteristics, you can move it again if you want to change your answer by clicking the industrial protocol name. You must match all four industrial protocols to their characteristics in the work area. EtherCAT. POWERLINK. Modbus. Ethernet over industrial protocol.

Which standard is the most important to OT security across all industrial sectors?. NIST CSF. IEC 62443. HIPAA. GDPR.

In your OT environment, you want to detect the devices passively. Which two methods must you implement? (Choose two.). SSH. SNMP. Vendor OUI. Network traffic.

A partial OT network is shown. You must improve the security of this OT network and implement internal segmentation between network 1 and the network 2. How can you achieve the segmentation?. You can configure universal ZTNA. You can configure one traffic VDOM. You can configure an explicit software switch. You can configure forward domain IDs for each network.

A Run_report task is shown. You want to automate the generation of a newly created report on FortiAnalyzer. When you configure the Run_report task in Playbook, why is the report not shown in the Report field? (Choose two.). You must first configure the connector. You must first enable Extended Log Filtering in the report. You must first enable Auto-cache in the report. You must first configure an event handler. You must first select Playbook Starter, and then select the newly created report.

A firewall policy page is shown. To improve the security of your OT network, you have configured a Supervisor profile in the firewall policies, as shown in the exhibit. However, a supervisor is reporting that he cannot ping PLC-1. What are the two reasons? (Choose two.). The supervisor must first authenticate using a protocol such as HTTPS or Telnet. The Supervisor profile is not configured in the remote server. The firewall policy ID 8 is not enabled. The CLI parameter auth-on-demand is set to always.

You want to improve the security of your OT network and therefore deploy a FortiGate device with the OT signatures database. Which two statements about this database are true? (Choose two.). You must install a valid OT security service license. You must import the OT signatures database manually. The OT signatures database is enabled by default. You must set exclude-signatures to none in the console line interface.

In the Purdue model, at which level are physical assets like the Industrial Internet of Things (IIoT) placed?. At Level 5 only. At Level 1 only. Above Level 4. Below Level 3.5.

How are rogue devices evaluated in FortiNAC?. Through device profiling rules. Through queries to FortiGuard servers. Through the import of the devices list. Through the local device database (CIDB).

You want to improve access control for your large OT network using passive authentication. What must you configure on FortiGate?. Fortinet Single-Sign On (FSSO). Local users. Two-factor authentication. A FortiAuthenticator device as a remote server.

A partial OT network and the Security Profiles section of the FortiGate_Level2 firewall policy are shown. You have configured the FortiGate_Level2 firewall policy with a virtual patching profile because PLC-1 has vulnerabilities. A penetration test performed from the HMI device still reports vulnerabilities visible on PLC-1. Which two additional parameters must you enable on FortiGate_Level2? (Choose two.). OT application control. OT signatures. Device detection on port2. Device detection on port1.

A partial OT network is shown. You have configured the FortiGate device with VLANs to segment the OT network. The supervisor now wants to connect to the PLC from the Engineering Workstation. How can you allow access from the Engineering Workstation to the PLC?. You must configure intra-switch-policy as explicit. You must configure intra-switch-policy as implicit. You must configure forward domain IDs. You must configure a layer 3 switch.

A Logical Topology page of a FortiGate device is shown. Your OT company wants to gain visibility into the network. You decide to implement device detection with the Security Fabric. Based on the exhibit, which statement is correct?. Device Detection is enabled on the other identified device. The other identified device must be authorized on the root FortiGate. The other identified device must be authorized on FortiAnalyzer. Device Detection is enabled on port3.

A FortiAnalyzer report is shown. You must extract relevant information provided by the report regarding your OT network. Which two statements are correct? (Choose two.). The report covers the last day. The attacks are blocked. Mobdus traffic is reported. The targeted IP address of the attacks is 10.1.5.1.

You have configured event handlers on FortiAnalyzer to monitor your OT network. Based on the partial Event Monitor page shown in the exhibit, which statement is correct?. The corresponding IPS log has a block or drop action. The Web.Client event is contained. The Web.Client event is unhandled. The corresponding IPS log has a quarantine action.

A partial Incident Analysis page is shown. How was the incident created?. Automatically by a playbook. Automatically by an event handler. Manually by an administrator. Automatically by a stitch.

A FortiAnalyzer Event Monitor page is shown. Based on the Event Monitor page, which two statements are correct? (Choose two.). Thirteen events are related to the host with the IP address 10.1.5.1. The OT_Security_Events event handler has more than one rule configured. There are five high-severity events. The device with the IP address 192.168.2.3 is under attack.

A partial Application Sensor configuration is shown. You want to monitor the OT protocols in your network and have applied the OT_monitoring profile in the firewall policy. After generating OT traffic, you do not see any OT-related logs in the Application Control section. Which action must you perform?. You must define the OT protocols in the Application and Filter Overrides section. You must enable the OT signatures. You must enable Network Protocol Enforcement. You must set the All Categories field to Monitor.

A partial OT network and firewall policies configuration are shown. You added authentication in the firewall policy from Engineering Workstation to RTU to improve the security. When verifying your configuration, you notice that you can still access RTU from Engineering Workstation without an authentication prompt. What must you do to enforce authentication?. You must add authentication in firewall policy 9. You must add a local user instead of FortiAuthenticator. You must reboot FortiGate. You must enable Fortinet Single Sign-On (FSSO).

You want to gain complete visibility of the entire attack surface using FortiAnalyzer. Which two views must you use to achieve this result? (Choose two.). Risk Summary Dashboard. Resources Reports. Analytics Search. SOC Dashboard. MITRE ATT&CK® Attack.

A partial legacy OT network is shown. You must improve this historically flat OT network and minimize the risk of lateral movement. Which action must you perform?. You must add two-factor authentication. You must implement SD-WAN. You must segment the network with a hardware switch. You must implement micro-segmentation with firewall policies.

A Security Fabric logical topology view is shown. Which two statements are correct? (Choose two.). Edge-FortiGate, FortiGate-1, and FortiGate-2 have the Security Fabric configured. Device detection is enabled on port5 of the Edge-FortiGate device. FortiAnalyzer is connected only to Edge-FortiGate. FortiAnalyzer has the Security Fabric configured.

You want to monitor the performance of your specific OT sensors. Where must you fine-tune the event handling for these sensors on FortiSIEM?. In the Risk Summary section on the Dashboard tab. In the rule on the Resources tab. In the Investigation section on the Analytics tab. In the business services group on the CMDB tab.

To improve the protection of your OT network, you want to automate on FortiGate the handling of compromised devices notified by FortiAnalyzer. What must you configure?. An event handler with the parameter Automation Stitch enabled on FortiAnalyzer. An Automation with a LOCAL_HOST connector on FortiAnalyzer. The Security Fabric settings on FortiGate. A FortiOS Event Log trigger on FortiGate.

The network topology and the software-switch configuration are shown. Why is Engineering Workstation not able to access the PLCs?. Engineering Workstation and PLC are in different broadcast domains. The switch is not a layer 3 switch. The port2 and port3 interfaces do not have the same forward domain ID. A firewall policy to allow Engineering Workstation to access PLC is missing.

A partial OT network is shown. You want to enforce access control from Engineering Workstation to PLC. How can you achieve this on FortiGate?. You must create forward domain IDs. You must set the software switch to implicit. You must add authentication in the corresponding firewall policy. You must create VDOMs.

A Virtual Patching profile is shown. You have recently updated your SCADA system and would like to apply the SCADA virtual patching profile. Which two statements about this profile are correct? (Choose two.). Only the vulnerability Schneider.Electric.ClearSCADA.HTTP.Interface.XSS is still present. Low severity signatures are not blocked for the device with the MAC address 12:12:12:12:12. This profile blocks critical severity signatures for all the devices. The device with the MAC address 11:11:11:11:11 is considered to have no vulnerabilities.

A partial OT network is shown. In this OT network, you must add additional security measures to detect OT protocols and, therefore, increase the traffic visibility. Which security sensor must you implement to detect the OT protocols in this network?. Device detection on all the FortiGate interfaces. Inline IDS on FortiGate_Level3. Application sensor set to monitor on all the FortiGate devices. IPS sensor on FortiGate_Level5.

A partial FortiSIEM report is shown. Based on the information provided by the report, which two statements are correct? (Choose two.). Edge-FortiGate has a security profile implemented. The report covers seven days. One incident is reported. A vulnerability exists on the device with the IP address 10.1.5.20.

What is the next step if FortiGate cannot detect a device locally?. FortiGate queries OT servers through service connectors. FortiGate queries the profiling rules. FortiGate queries FortiGuard servers. FortiGate queries the local device database (CIDB).

A partial OT network is shown. You have recently removed the air gap in the network to provide full connectivity. What must you configure to protect your OT network from external attacks?. IPS on FortiGate_Level5. OT signatures on FortiGate_Level3. Virtual patching on FortiGate_Level2. OT application control on all FortiGate devices.

What are two advantages provided by industrial Ethernet? (Choose two.). Encryption. Real-time control. Remote access. Determinism.

A Logical Topology page of a FortiGate device is shown. Your company wants to gain visibility into the OT network. You decide to implement device detection with the Security Fabric. Based on the exhibit, which statement is correct?. Device Detection is enabled on port5. Device Detection is enabled on port3. You must authorize the leaf FortiGate on FortiAnalyzer. You must authorize a FortiGate device connected to port5.

A simplified OT network is shown. You want to optimize the protection of this OT network. Which two controls must you implement? (Choose two.). Virtual patching on FortiGate_Level2. OT signature on FortiGate_Level5. IPS on FortiGate_Level5. Offline IDS on FortiGate_Level3.

Why is the OT View tab not available in the Asset Identity Center section of the FortiGate-1 device?. The OT View tab is only available on the root FortiGate. Device Detection is not enabled on the FortiGate-1 interface. You must enable Security Fabric Connection on the interfaces of the FortiGate-1 device. You must enable the Purdue Levels feature on the FortiGate-1 device.

A partial OT network is shown. You must improve the internet network redundancy at the Edge-FortiGate level. How can you achieve this redundancy?. You can segment Edge-FortiGate with universal ZTNA. You can add a second internet link with VLANs. You can add a second internet link with SD-WAN. You can segment Edge-FortiGate into VDOMs.

You want to protect OT devices that are not updated against known vulnerabilities so you apply virtual patching to the firewall policies. What must you check to confirm that the OT devices are virtually patched?. The output of the CLI command get rule otvp status. The Asset Identity List page. The output of the CLI command get virtual-patch profile. The OT View page.

You would like to customize your current FortiAnalyzer report to provide a better risk assessment of your OT network. Which two options can you use to enhance your report? (Choose two.). The FortiView library. The Datasets library. The Log View library. The Chart library. The Dashboard library.

As the first step in your OT network protection plan, you must identify the OT protocols that the FortiGate device supports. Which two configurations must you implement on this FortiGate device? (Choose two.). You must implement an Intrusion Prevention security profile that monitors OT. You must implement an Application Control security profile that monitors OT. You must enable the OT signatures. You must enable Device detection on all the interfaces.

The Playbook Monitor dashboard and the analysis of the corresponding incident analysis are shown. You created the playbook with the objective of automatically attaching the report to the incident that was created. Which two statements are correct? (Choose two.). You must wait for the report to be generated and attached to the incident. The tasks in the playbook must be reordered. The playbook was triggered manually. Only the Create_Incident task was executed.

Based on the information provided on the partial Event Monitor page shown in the exhibit, how was the attack detected?. Automatically by a stitch. Manually by an administrator. Automatically by a playbook. Automatically by an event handler.

Denunciar Test