Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

As an OT administrator, it is important to understand how industrial protocols work in an OT network.

Which communication method is used by the Modbus protocol?

A.

It uses OSI Layer 2 and the primary device sends data based on request from secondary device.

B.

It uses OSI Layer 2 and both the primary/secondary devices always send data during the communication.

C.

It uses OSI Layer 2 and both the primary/secondary devices send data based on a matching token ring.

D.

It uses OSI Layer 2 and the secondary device sends data based on request from primary device.

in an operation technology (OT) network FortiAnalyzer is used to receive and process logs from responsible FortiGate devices

Which statement about why FortiAnalyzer is receiving and processing multiple tog messages from a given programmable logic controller (PLC) or remote terminal unit (RTU) is true'?

A.

To determine which type of messages from the PLC or RTU causes issues in the plant

B.

To isolate PLCs or RTUs in the event of external attacks

C.

To help OT administrators troubleshoot and diagnose the OT network

D.

To track external threats and prevent them attacking the OT network

Which three common breach points can you find in a typical OT environment? (Choose three.)

A.

Black hat

B.

VLAN exploits

C.

Global hat

D.

RTU exploits

E.

Hard hat

What can be assigned using network access control policies?

A.

Layer 3 polling intervals

B.

FortiNAC device polling methods

C.

Logical networks

D.

Profiling rules

The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

A.

CMDB reports

B.

Threat hunting reports

C.

Compliance reports

D.

OT/loT reports

With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?

A.

Each traffic VDOM must have a direct connection to FortiGuard services to receive the required security updates.

B.

The management VDOM must have access to all global security services.

C.

Each VDOM must have an independent security license.

D.

Traffic between VDOMs must pass through the physical interfaces of FortiGate to check for security incidents.

An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.

Which statement about the industrial signature database on FortiGate is true?

A.

A supervisor must purchase an industrial signature database and import it to the FortiGate.

B.

An administrator must create their own database using custom signatures.

C.

By default, the industrial database is enabled.

D.

A supervisor can enable it through the FortiGate CLI.

An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.

On which device can this be accomplished?

A.

FortiGate

B.

FortiEDR

C.

FortiSwitch

D.

FortiNAC

Refer to the exhibit.

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the Layer 2 level.

What must the OT admin do to prevent Layer 2-level communication between PLC-3 and CLIENT?

A.

Set a unique forward domain for each interface of the software switch.

B.

Create a VLAN for each device and replace the current FGT-2 software switch members.

C.

Enable explicit intra-switch policy to require firewall policies on FGT-2.

D.

Implement policy routes on FGT-2 to control traffic between devices.

Which two statements about the Modbus protocol are true? (Choose two.)

A.

Modbus uses UDP frames to transport MBAP and function codes.

B.

Most of the PLC brands come with a built-in Modbus module.

C.

You can implement Modbus networking settings on internetworking devices.

D.

Modbus is used to establish communication between intelligent devices.