An Amazon Web Services (AWS) auto-scale FortiGate cluster has just experienced a scale-down event, terminating
An Amazon Web Services (AWS) auto-scale FortiGate cluster has just experienced a scale-down event, terminating a FortiGate in availability zone C. This has now black-holed the private subnet in this availability zone. What action will the worker node automatically perform to restore access to the black-holed subnet? A. The worker node applies a route table […]
You are deploying Amazon Web Services (AWS) GuardDuty to monitor malicious or unauthorized behaviors related t
You are deploying Amazon Web Services (AWS) GuardDuty to monitor malicious or unauthorized behaviors related to AWS resources. You will also use the Fortinet aws-lambda-guardduty script to translate feeds from AWS GuardDuty findings into a list of malicious IP addresses. FortiGate can then consume this list as an external threat feed. Which Amazon AWS services […]
You have been tasked with deploying FortiGate VMs in a highly available topology on the Amazon Web Services (A
You have been tasked with deploying FortiGate VMs in a highly available topology on the Amazon Web Services (AWS) cloud. The requirements for your deployment are as follows: • You must deploy two FortiGate VMs in a single virtual private cloud (VPC), with an external elastic load balancer which will distribute ingress traffic from the […]
When configuring the FortiCASB policy, which three configuration options are available?
When configuring the FortiCASB policy, which three configuration options are available? (Choose three.) A. Intrusion prevention policies B. Threat protection policies C. Data loss prevention policies D. Compliance policies E. Antivirus policies Reference: https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/bf017449-572a-11e9-81a4-00505692583a/forticasb-4.1.0-admin-guide.pdf (62)
An OT supervisor has configured LDAP and FSSO for the authentication.
An OT supervisor has configured LDAP and FSSO for the authentication. The goal is that all the users be authenticated against passive authentication first and, if passive authentication is not successful, then users should be challenged with active authentication. What should the OT supervisor do to achieve this on FortiGate? A. Configure a firewall policy […]
An OT administrator deployed many devices to secure the OT network.
An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources. Which products should […]
An OT network administrator is trying to implement active authentication.
An OT network administrator is trying to implement active authentication. Which two methods should the administrator use to achieve this? (Choose two.) A. Two-factor authentication on FortiAuthenticator B. Role-based authentication on FortiNAC C. FSSO authentication on FortiGate D. Local authentication on FortiGate
Which three common breach points can be found in a typical OT environment?
Which three common breach points can be found in a typical OT environment? (Choose three.) A. Global hat B. Hard hat C. VLAN exploits D. Black hat E. RTU exploits
In a wireless network integration, how does FortiNAC obtain connecting MAC address information?
In a wireless network integration, how does FortiNAC obtain connecting MAC address information? A. RADIUS B. Link traps C. End station traffic monitoring D. MAC notification traps
Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)?
Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)? (Choose three.) A. FortiNAC B. FortiManager C. FortiAnalyzer D. FortiSIEM E. FortiGate