A.  

port2, port2-vlan10, and port2-vlan1 are part of the software switch interface.

B.  

The VLAN ID of port1-vlan1 can be changed to the VLAN ID 10.

C.  

port1-vlan10 and port2-vlan10 are part of the same broadcast domain

D.  

port1, port1-vlan10, and port1-vlan1 are in different broadcast domains

A.  

Set a unique forward domain for each interface of the software switch.

B.  

Create a VLAN for each device and replace the current FGT-2 software switch members.

C.  

Enable explicit intra-switch policy to require firewall policies on FGT-2.

D.  

Implement policy routes on FGT-2 to control traffic between devices.

A.  

FortiGate

B.  

FortiEDR

C.  

FortiSwitch

D.  

FortiNAC

A.  

FortiGate receives traffic from configured port mirroring.

B.  

Network traffic goes through FortiGate.

C.  

FortiGate acts as network sensor.

D.  

Network attacks can be detected and blocked.

A.  

Add a new condition to filter Modbus traffic based on the source TCP/UDP port

B.  

The condition on the SubPattern filter must use the AND logical operator

C.  

the Aggregate section, set the attribute value to equal to or greater than 0

D.  

In the Group By section remove all attributes that are not configured in the Filter section

A.  

This is a sample of a FortiAnalyzer system interface event log.

B.  

This is a sample of an SNMP temperature control event log.

C.  

This is a sample of a PAM event type.

D.  

This is a sample of FortiGate interface statistics.

A.  

Layer 3 polling intervals

B.  

FortiNAC device polling methods

C.  

Logical networks

D.  

Profiling rules

A.  

Create a back-end backup network as a redundancy measure.

B.  

Implement SD-WAN to manage traffic on each ISP link.

C.  

Add additional internal firewalls to access OT devices.

D.  

Create more access policies to prevent unauthorized access.

A.  

IPS must be enabled to inspect application signatures.

B.  

The application filter overrides the default action of some IEC 104 signatures.

C.  

IEC 104 signatures are all allowed except the

C.  

D.  

SSL Inspection must be set to deep-inspection to correctly apply application control.

A.  

FortiGate for SD-WAN

B.  

FortiGate for application control and IPS

C.  

FortiNAC for network access control

D.  

FortiSIEM for security incident and event management

E.  

FortiEDR for endpoint detection

A.  

Known trusted devices, each time they change location

B.  

All connected devices, each time they connect

C.  

Rogue devices, only when they connect for the first time

D.  

Rogue devices, each time they connect

A.  

Configure outbound security policies with limited active authentication users of the third-party company.

B.  

Create VPN tunnels between downstream FortiGate devices and the edge FortiGate to protect ICS network traffic.

C.  

Split the edge FortiGate device into multiple logical devices to allocate an independent VDOM for the third-party company.

D.  

Implement an additional firewall using an additional upstream link to the internet.

A.  

CMDB reports

B.  

Threat hunting reports

C.  

Compliance reports

D.  

OT/loT reports

A.  

Endpoint Detection and Response (EDR)

B.  

Deep packet inspection (DPI)

C.  

Intrusion prevention system (IPS)

D.  

Application control (AC)

A.  

The industrial application control inspection process is unique among application categories.

B.  

Security actions cannot be applied on the lowest level of the hierarchy.

C.  

You can control security actions only on the parent-level application signature

D.  

The parent signature takes precedence over the child application signature.

A.  

In the PCI logging dashboard and there are one or more high-severity security incidents for the FortiGate device.

B.  

In the summary dashboard and there are one or more high-severity security incidents for the FortiGate device.

C.  

In the widget dashboard and there are one or more high-severity incidents for the FortiGate device.

D.  

In the business service dashboard and there are one or more high-severity security incidents for the FortiGate device.

A.  

Each traffic VDOM must have a direct connection to FortiGuard services to receive the required security updates.

B.  

The management VDOM must have access to all global security services.

C.  

Each VDOM must have an independent security license.

D.  

Traffic between VDOMs must pass through the physical interfaces of FortiGate to check for security incidents.

A.  

Firewall policies should be configured on FortiGate-3 and FortiGate-4 with industrial protocol sensors.

B.  

Micro-segmentation can be achieved only by replacing FortiGate-3 and FortiGate-4 with a pair of FortiSwitch devices.

C.  

IT and OT networks are separated by segmentation.

D.  

FortiGate-3 and FortiGate-4 devices must be in a transparent mode.

A.  

You must set correct operator in event handler to trigger an event.

B.  

You can automate SOC tasks through playbooks.

C.  

Each playbook can include multiple triggers.

D.  

You cannot use Windows and Linux hosts security events with FortiSoC.

A.  

FortiGate has no IPS industrial signature database enabled.

B.  

The listed IPS signatures are classified as SCADA equipment.

C.  

All IPS signatures are overridden and must block traffic match signature patterns.

D.  

The IPS profile inspects only traffic originating from SCADA equipment.