Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free Fortinet NSE7_OTS-7.2 Practice Exam with Questions & Answers | Set: 2

Questions 11

Refer to the exhibit.

NSE7_OTS-7.2 Question 11

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the Layer 2 level.

What must the OT admin do to prevent Layer 2-level communication between PLC-3 and CLIENT?

Options:
A.

Set a unique forward domain for each interface of the software switch.

B.

Create a VLAN for each device and replace the current FGT-2 software switch members.

C.

Enable explicit intra-switch policy to require firewall policies on FGT-2.

D.

Implement policy routes on FGT-2 to control traffic between devices.

Fortinet NSE7_OTS-7.2 Premium Access
Questions 12

The OT network analyst runs different level of reports to quickly explore threats that exploit the network. Such reports can be run on all routers, switches, and firewalls. Which FortiSIEM reporting method helps to identify these type of exploits of image firmware files?

Options:
A.

CMDB reports

B.

Threat hunting reports

C.

Compliance reports

D.

OT/loT reports

Questions 13

Refer to the exhibit.

Which statement is true about application control inspection?

Options:
A.

The industrial application control inspection process is unique among application categories.

B.

Security actions cannot be applied on the lowest level of the hierarchy.

C.

You can control security actions only on the parent-level application signature

D.

The parent signature takes precedence over the child application signature.

Questions 14

An OT network consists of multiple FortiGate devices. The edge FortiGate device is deployed as the secure gateway and is only allowing remote operators to access the ICS networks on site.

Management hires a third-party company to conduct health and safety on site. The third-party company must have outbound access to external resources.

As the OT network administrator, what is the best scenario to provide external access to the third-party company while continuing to secure the ICS networks?

Options:
A.

Configure outbound security policies with limited active authentication users of the third-party company.

B.

Create VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.

C.

Split the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.

D.

Implement an additional firewall using an additional upstream link to the internet.

Questions 15

Which three common breach points can be found in a typical OT environment? (Choose three.)

Options:
A.

Global hat

B.

Hard hat

C.

VLAN exploits

D.

Black hat

E.

RTU exploits

Questions 16

What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Options:
A.

Planning a threat hunting strategy

B.

Implementing strategies to automatically bring PLCs offline

C.

Creating disaster recovery plans to switch operations to a backup plant

D.

Evaluating what can go wrong before it happens

Questions 17

Refer to the exhibit.

NSE7_OTS-7.2 Question 17

Which statement about the interfaces shown in the exhibit is true?

Options:
A.

port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.

B.

The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.

C.

port1-vlan10 and port2-vlan10 are part of the same broadcast domain

D.

port1, port1-vlan10, and port1-vlan1 are in different broadcast domains

Questions 18

A FortiGate device is newly deployed as the edge gateway of an OT network security fabric. The downstream FortiGate devices are also newly deployed as Security Fabric leafs to protect the control area zone.

With no additional essential networking devices, and to implement micro-segmentation on this OT network, what configuration must the OT network architect apply to control intra-VLAN traffic?

Options:
A.

Enable transparent mode on the edge FortiGate device.

B.

Enable security profiles on all interfaces connected in the control area zone.

C.

Set up VPN tunnels between downstream and edge FortiGate devices.

D.

Create a software switch on each downstream FortiGate device.

Questions 19

Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

Options:
A.

FortiSIEM

B.

FortiManager

C.

FortiAnalyzer

D.

FortiGate

E.

FortiNAC

Questions 20

As an OT network administrator you are required to generate reports that primarily use the same type of data sent to FortiSlEM These reports are based on the preloaded analytic searches

Which two actions can you take on FortiSlEM to enhance running reports for future use? (Choose two.)

Options:
A.

Automate running these reports upon receiving new logs

B.

Export the preloaded analytics searches to an external syslog server

C.

Create custom reports to process additional analytic searches

D.

Save the analytic searches and turn them into report definitions

Exam Code: NSE7_OTS-7.2
Certification Provider: Fortinet
Exam Name: Fortinet NSE 7 - OT Security 7.2
Last Update: Jul 9, 2025
Questions: 69

How to Pass NSE7_OTS-7.2 Exams

PDF + Testing Engine
$164.99
$66
Add to Cart
Testing Engine
$124.99
$50
Add to Cart
PDF (Q&A)
$104.99
$42
Add to Cart

Fortinet Related Exams

How to pass Fortinet NSE7_ADA-6.3 - Fortinet NSE 7 - Advanced Analytics 6.3 Exam
How to pass Fortinet NSE7_EFW-7.0 - Fortinet NSE 7 - Enterprise Firewall 7.0 Exam
How to pass Fortinet NSE7_LED-7.0 - Fortinet NSE 7 - LAN Edge 7.0 Exam
How to pass Fortinet NSE7_SDW-7.0 - Fortinet NSE 7 - SD-WAN 7.0 Exam
How to pass Fortinet NSE7_PBC-7.2 - Fortinet NSE 7 Public Cloud Security 7.2 (FCSS) Exam
How to pass Fortinet NSE7_EFW-7.2 - Fortinet NSE 7 - Enterprise Firewall 7.2 Exam
How to pass Fortinet NSE7_SDW-7.2 - Fortinet NSE 7 - SD-WAN 7.2 Exam
How to pass Fortinet NSE7_ZTA-7.2 - Fortinet NSE 7 - Zero Trust Access 7.2 Exam
FCSS_SASE_AD-23 - FCSS-FortiSASE 23 Administrator
FCSS_SDW_AR-7.4 - FCSS - SD-WAN 7.4 Architect
FCP_FAC_AD-6.5 - FCP - FortiAuthenticator 6.5 Administrator
NSE8_812 - Network Security Expert 8 Written Exam
FCSS_SASE_AD-24 - FCSS - FortiSASE 24 Administrator
NSE6_FAZ-7.2 - Fortinet NSE 6 - FortiAnalyzer 7.2 Administrator
FCSS_SOC_AN-7.4 - FCSS - Security Operations 7.4 Analyst
Fortinet Free Access
Get Fortinet Full Access

Fortinet Free Exams
Fortinet Free Exams
Access free Fortinet exam study guides and practice tests at Examstrack. Ensure your success with top-notch preparation resources at Examstrack.