EMT Practice Test

1. Question Content...


Question List

Question1: An OT network architect needs to secure control area zones with a single network access policy to provision devices to any number of different networks.
On which device can this be accomplished?

Question2: The OT network analyst run different level of reports to quickly explore failures that could put the network at risk. Such reports can be about device performance. Which FortiSIEM reporting method helps to identify device failures?

Question3: Refer to the exhibit.

Which statement about the interfaces shown in the exhibit is true?

Question4: An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.
Which statement about the industrial signature database on FortiGate is true?

Question5: Refer to the exhibit.

The IPS profile is added on all of the security policies on FortiGate.
For an OT network, which statement of the IPS profile is true?

Question6: What are two critical tasks the OT network auditors must perform during OT network risk assessment and management? (Choose two.)

Question7: An OT administrator deployed many devices to secure the OT network. However, the SOC team is reporting that there are too many alerts, and that many of the alerts are false positive. The OT administrator would like to find a solution that eliminates repetitive tasks, improves efficiency, saves time, and saves resources.
Which products should the administrator deploy to address these issues and automate most of the manual tasks done by the SOC team?

Question8: With the limit of using one firewall device, the administrator enables multi-VDOM on FortiGate to provide independent multiple security domains to each ICS network. Which statement ensures security protection is in place for all ICS networks?

Question9: Refer to the exhibits.

Which statement about some of the generated report elements from FortiAnalyzer is true?

Question10: A FortiGate device is newly deployed as the edge gateway of an OT network security fabric. The downstream FortiGate devices are also newly deployed as Security Fabric leafs to protect the control area zone.
With no additional essential networking devices, and to implement micro-segmentation on this OT network, what configuration must the OT network architect apply to control intra-VLAN traffic?

Question11: What can be assigned using network access control policies?

Question12: Which statemenl about the IEC 104 protocol is true?

Question13: Which type of attack posed by skilled and malicious users of security level 4 (SL 4) of IEC 62443 is designed to defend against intentional attacks?

Question14: Refer to the exhibit.

PLC-3 and CLIENT can send traffic to PLC-1 and PLC-2. FGT-2 has only one software switch (SSW-1) connecting both PLC-3 and CLIENT. PLC-3 and CLIENT can send traffic to each other at the Layer 2 level.
What must the OT admin do to prevent Layer 2-level communication between PLC-3 and CLIENT?

Question15: An OT administrator configured and ran a default application risk and control report in FortiAnalyzer to learn more about the key application crossing the network. However, the report output is empty despite the fact that some related real-time and historical logs are visible in the FortiAnalyzer.
What are two possible reasons why the report output was empty? (Choose two.)

Question16: An OT supervisor needs to protect their network by implementing security with an industrial signature database on the FortiGate device.
Which statement about the industrial signature database on FortiGate is true?

Question17: What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)

Question18: Refer to the exhibit and analyze the output.

Which statement about the output is true?

Question19: Refer to the exhibit.

Which statement is true about application control inspection?

Question20: Refer to the exhibit.

You are assigned to implement a remote authentication server in the OT network.
Which part of the hierarchy should the authentication server be part of?

Question21: Refer to the exhibit.

In order for a FortiGate device to act as router on a stick, what configuration must an OT network architect implement on FortiGate to achieve inter-VLAN routing?

Question22: Refer to the exhibit.

Based on the Purdue model, which three measures can be implemented in the control area zone using the Fortinet Security Fabric? (Choose three.)

Question23: Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)?
(Choose three.)

Question24: Which three Fortinet products can you use for device identification in an OT industrial control system (ICS)?
(Choose three.)

Question25: As an OT network administrator, you are managing three FortiGate devices that each protect different levels on the Purdue model. To increase traffic visibility, you are required to implement additional security measures to detect exploits that affect PLCs.
Which security sensor must implement to detect these types of industrial exploits?

Question26: What triggers Layer 2 polling of infrastructure devices connected in the network?

Question27: An OT architect has deployed a Layer 2 switch in the OT network at Level 1 the Purdue model-process control. The purpose of the Layer 2 switch is to segment traffic between PLC1 and PLC2 with two VLANs.
All the traffic between PLC1 and PLC2 must first flow through the Layer 2 switch and then through the FortiGate device in the Level 2 supervisory control network.
What statement about the traffic between PLC1 and PLC2 is true?

Question28: Which statement is correct about processing matched rogue devices by FortiNAC?

Question29: Which three common breach points can be found in a typical OT environment? (Choose three.)

Question30: Which two frameworks are common to secure ICS industrial processes, including SCADA and DCS? (Choose two.)

Question31: When you create a user or host profile, which three criteria can you use? (Choose three.)