Fortinet NSE 7 - OT Security 7.2 - NSE7_OTS-7.2 Exam Questions [2026]

QUESTION NO: 1
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)

A. Adapter consolidation for multi-adapter hosts B. Importation and classification of hosts C. Direct VLAN assignment D. Enhanced point of connection details

Correct Answer: A,B

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 2
What is the primary objective of implementing SD-WAN in operational technology (OT) networks?

A. Remove centralized network security policies. B. Enhance network performance of OT applications C. Reduce security risk and threat attacks D. Replace standard links with lower cost connections

Correct Answer: B

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 3
Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)? (Choose three.)

A. FortiNAC B. FortiGate C. FortiAnalyzer D. FortiSIEM E. FortiManager

Correct Answer: A,B,D

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 4
To increase security protection in an OT network, how does application control on ForliGate detect industrial traffic?

A. By inspecting applications only on nonprotected traffic B. By inspecting protocols used in the application traffic C. By inspecting software and software-based vulnerabilities D. By inspecting applications with more granularity by inspecting subapplication traffic

Correct Answer: B

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 5
An OT customer is using multiple FortiGate devices in their network to implement two-factor authentication with hardware FortiTokens. A supervisor is carrying multiple FortiTokens to be used when logging in to a critical server behind different FortiGate devices.
As an OT network architect, which approach must you take in order to assign one token per user and still use two-factor authentication on multiple FortiGate devices?

A. Implement a FortiManager and manage all FortiGate devices in the OT network to share the FortiTokens database. B. Implement FortiAuthenticator with FortiTokens provisioned for each user, and configure FortiAuthenticator as remote authentication server on all FortiGate devices in the OT network. C. Provision the Edge-FortiGate device with all the FortiTokens and configure it as a remote authentication server on other FortiGate devices. D. Configure FSSO-based two-factor authentication.

Correct Answer: B

QUESTION NO: 6
Refer to the exhibit. In the topology shown in the exhibit, both PLCs can communicate directly with each other without going through the firewall.
What can be done to improve the security in this situation?

A. Implement micro-segmentation. B. Create firewall policies in the switch to secure traffic between PLCs. C. Implement a solution that expands VLAN capabilities from Layer 2 to Layer 3. D. Configure PLCs to use the IEEE802.1Q protocol to communicate with each other.

Correct Answer: A

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 7
Refer to the exhibit. The IPS profile is added on all of the security policies on FortiGate. For an OT network, which statement of the IPS profile is true?

A. All IPS signatures are overridden and must block traffic match signature patterns. B. The listed IPS signatures are classified as SCADA applications. C. The IPS profile inspects only traffic originating from SCADA equipment. D. FortiGate has no IPS industrial signature database enabled.

Correct Answer: B

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 8
FortiAnalyzer is implemented in the OT network to receive logs from responsible FortiGate devices. The logs must be processed by FortiAnalyzer.
In this scenario, which statement is correct about the purpose of FortiAnalyzer receiving and processing multiple log messages from a given PLC or RTU?

A. To determine which type of messages from the PLC or RTU causes issues in the plant B. To isolate PLCs or RTUs in the event of external attacks C. To help OT administrators configure the network and prevent breaches D. To configure event handlers and take further action on FortiGate

Correct Answer: A

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).

QUESTION NO: 9
Which statement is correct about processing matched rogue devices by FortiNAC?

A. FortiNAC matches the rogue device with only one device profiling rule. B. FortiNAC cannot revalidate matched devices. C. FortiNAC disables matching rule of previously-profiled rogue devices. D. FortiNAC remembers the matching rule of the rogue device.

Correct Answer: D

Explanation: Only visible for Pass4Test members. You can sign-up / login (it's free).