01. Which three device profiling methods of FortiNAC are considered non-direct?
(Choose three.)
a) Location
b) TCP
c) IP range
d) SSH
e) Network traffic
02. A supervisor is configuring a software switch on a FortiGate device. What must the supervisor configure on FortiGate to control the traffic between member interfaces on the software switch, using firewall policies?
a) The supervisor must add different VLAN interfaces to the software switch.
b) The supervisor must configure the software switch with at least one wireless interface and one VLAN interface.
c) The supervisor must configure a separate forward domain for the software switch.
d) The supervisor must configure intra-switch-policy to explicit.
03. You are investigating a series of incidents that occurred in the OT network over past 24 hours in FortiSIEM. Which three FortiSIEM options can you use to investigate these incidents?
(Choose three.)
a) Security
b) IPS
c) List
d) Risk
e) Overview
04. An administrator needs to group FortiGate wireless interfaces in NAT mode with multiple physical interfaces. What interface type must the administrator select to group multiple FortiGate interfaces with the wireless interface?
a) Aggregate interface
b) VLAN interface
c) Software switch interface
d) Redundant interface
05. Which deployment option allows an administrator to detect intrusions without any modifications to production traffic?
a) Offline IPS
b) Offline IDS
c) Virtual patching
d) Inline IPS and IDS
06. Which three protocols are used as industrial Ethernet protocols?
(Choose three.)
a) M12
b) EtherCAT
c) RJ45
d) PROFINET
e) EtherNet/IP
07. In the context of FortiNAC, what is a key feature of a logical network?
a) It creates a one-to-one association between a network access policy and a VLAN.
b) It groups up to 10 VLANs into a single policy.
c) It simplifies network access policy management by reducing the number of policies needed.
d) It can identify several endpoints with a single rule.
08. Which two statements about FortiSIEM are true?
(Choose two.)
a) FortiSIEM can receive data from certain devices in SQL format.
b) FortiSIEM can receive and collect data from network devices and applications.
c) FortiSIEM can receive data from any network device and application.
d) FortiSIEM cannot receive data from a Windows server without an agent.
09. An OT customer is using multiple FortiGate devices in their network to implement two-factor authentication with hardware FortiTokens. A supervisor is carrying multiple FortiTokens to be used when logging in to a critical server behind different FortiGate devices.
As an OT network architect, which approach must you take in order to assign one token per user and still use two-factor authentication on multiple FortiGate devices?
a) Implement a FortiManager and manage all FortiGate devices in the OT network to share the FortiTokens database.
b) Implement FortiAuthenticator with FortiTokens provisioned for each user, and configure FortiAuthenticator as remote authentication server on all FortiGate devices in the OT network.
c) Provision the Edge-FortiGate device with all the FortiTokens and configure it as a remote authentication server on other FortiGate devices.
d) Configure FSSO-based two-factor authentication.
10. What is the main difference between real-time logs and historical logs on FortiAnalyzer?
a) Historical logs are indexed in the SQL database, but real-time logs are not.
b) Real-time logs are indexed in the SQL database, but historical logs are not.
c) Historical logs are compressed and real-time logs are indexed in the SQL database.
d) Real-time logs are indexed while historical logs are compressed in the SQL database.