Cyber Monday Sale Special - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

What two advantages does FortiNAC provide in the OT network? (Choose two.)

A.

It can be used for IoT device detection.

B.

It can be used for industrial intrusion detection and prevention.

C.

It can be used for network micro-segmentation.

D.

It can be used for device profiling.

Which statement about the IEC 104 protocol is true?

A.

IEC 104 is used for telecontrol SCADA in electrical engineering applications.

B.

IEC 104 is IEC 101 compliant in old SCADA systems.

C.

IEC 104 protects data transmission between OT devices and services.

D.

IEC 104 uses non-TCP/IP standards.

Refer to the exhibits.

Which statement about some of the generated report elements from FortiAnalyzer is true?

A.

The report confirms Modbus and IEC 104 are the key applications crossing the network.

B.

FortiGate collects the logs and generates the report to FortiAnalyzer.

C.

The file types confirm the infected applications on the PLCs.

D.

This report is predefined and is not available for customization.

To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?

A.

By inspecting software and software-based vulnerabilities

B.

By inspecting applications only on nonprotected traffic

C.

By inspecting applications with more granularity by inspecting subapplication traffic

D.

By inspecting protocols used in the application traffic

Which two frameworks are common to secure ICS industrial processes, including SCADA and DCS? (Choose two.)

A.

Modbus

B.

NIST Cybersecurity

C.

IEC 62443

D.

IEC104

Refer to the exhibit.

Which statement is true about application control inspection?

A.

The industrial application control inspection process is unique among application categories.

B.

Security actions cannot be applied on the lowest level of the hierarchy.

C.

You can control security actions only on the parent-level application signature

D.

The parent signature takes precedence over the child application signature.

Refer to the exhibit.

You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway.

What must you do to achieve this objective?

A.

You must use a FortiAuthenticator.

B.

You must register the same FortiToken on more than one FortiGate.

C.

You must use the user self-registration server.

D.

You must use a third-party RADIUS OTP server.

Refer to the exhibit.

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

A.

FortiGate for SD-WAN

B.

FortiGate for application control and IPS

C.

FortiNAC for network access control

D.

FortiSIEM for security incident and event management

E.

FortiEDR for endpoint detection

An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.

Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

A.

FortiSIEM and FortiManager

B.

FortiSandbox and FortiSIEM

C.

FortiSOAR and FortiSIEM

D.

A syslog server and FortiSIEM

Which statement is correct about processing matched rogue devices by FortiNAC?

A.

FortiNAC cannot revalidate matched devices.

B.

FortiNAC remembers the match ng rule of the rogue device

C.

FortiNAC disables matching rule of previously-profiled rogue devices.

D.

FortiNAC matches the rogue device with only one device profiling rule.