Based on the topology designed by the OT architect, which two statements about implementing OT security are true?
Refer to the exhibit. Based on the topology designed by the OT architect, which two statements about implementing OT security are true? (Choose two.)A . Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.B . Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with...
What are two possible reasons why the report output was empty?
An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer. What are two possible...
What should the OT supervisor do to achieve this on FortiGate?
An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication. What should the OT supervisor do to achieve this on FortiGate?A...
What must you do to achieve this objective?
Refer to the exhibit. You need to configure VPN user access for supervisors at the breach and HQ sites using the same soft FortiToken. Each site has a FortiGate VPN gateway. What must you do to achieve this objective?A . You must use a FortiAuthenticator.B . You must register the...
How do you view information presented in the exhibit and what does the FortiGate device security status tell you?
Refer to the exhibit. You are navigating through FortiSIEM in an OT network. How do you view information presented in the exhibit and what does the FortiGate device security status tell you?A . In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate...
Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)
Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.)A . FortiNACB . FortiManagerC . FortiAnalyzerD . FortiSIEME . FortiGateView AnswerAnswer: A,D,E
Which two methods should the administrator use to achieve this?
An OT network administrator is trying to implement active authentication. Which two methods should the administrator use to achieve this? (Choose two.)A . Two-factor authentication on FortiAuthenticatorB . Role-based authentication on FortiNACC . FSSO authentication on FortiGateD . Local authentication on FortiGateView AnswerAnswer: A,D
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)A . Enhanced point of connection detailsB . Direct VLAN assignmentC . Adapter consolidation for multi-adapter hostsD . Importation and classification of hostsView AnswerAnswer: C,D
Which three steps should an administrator take to protect the OT network?
Refer to the exhibit, which shows a non-protected OT environment. An administrator needs to implement proper protection on the OT network. Which three steps should an administrator take to protect the OT network? (Choose three.)A . Deploy an edge FortiGate between the internet and an OT network as a one-arm...
What is a possible reason?
An OT administrator has configured FSSO and local firewall authentication. A user who is part of a user group is not prompted from credentials during authentication. What is a possible reason?A . FortiGate determined the user by passive authenticationB . The user was determined by Security FabricC . Two-factor authentication...