NSE7_OTS-6.4 Fortinet NSE 7 - OT Security 6.4 Exam

Fortinet NSE 7 - OT Security 6.4
Exam series: NSE7_OTS-6.4
Number of questions: 35
Exam time: 60 minutes
Language: English
Product version: FortiOS 6.4
Status: Available

NSE 7 Network Security Architect—OT Security

NSE 7 Certification
The Fortinet Network Security Architect designation identifies your advanced skills in deploying, administering, and troubleshooting Fortinet security solutions. We recommend this certification for network and security professionals who are involved in the advanced administration and support of security infrastructures using Fortinet solutions. Visit the Fortinet NSE Certification Program page for information about certification requirements.

Fortinet NSE 7—OT Security 6.4
The Fortinet NSE 7—OT Security 6.4 exam is part of the NSE 7 Network Security Architect program, and recognizes the successful candidate’s knowledge of and expertise with the Fortinet products in an OT environment.

The exam tests applied knowledge of the design, implementation, operation, and integration of an OT security
solution comprising FortiOS 6.4.3, FortiAnalyzer 6.4.3, FortiSIEM 5.3.1, and FortiNAC 8.5.

Audience
The Fortinet NSE 7—OT Security 6.4 exam is intended for network and security professionals responsible for designing and implementing infrastructure containing many Fortinet devices.

Exam Details
Exam name Fortinet NSE 7—OT Security 6.4
Exam series NSE7_OTS-6.4
Time allowed 60 minutes
Exam Description
Exam questions 35 multiple-choice questions
Scoring Pass or fail, a score report is available from your Pearson VUE account
Language English
Product version FortiOS 6.4.3, FortiAnalyzer 6.4.3, FortiSIEM 5.3.1, FortiNAC 8.5

Exam Topics
Successful candidates have applied knowledge and skills in the following areas and tasks:
* Asset Management
* Explain the OT architecture with Fortinet products
* Configure the security fabric for OT network
* Implement device detection with FortiGate
* Explain network visibility with FortiNAC
* Network access control
* Explain role-based authentication
* Apply authentication to control access to devices
* Explain industrial Ethernet protocols
* Explain internal segmentation implementation for OT networks
* Protecting OT network
* Identify industrial protocols and signatures
* Implement IPS to secure OT networks
* Implement application control for industrial applications
* Monitoring and risk assessment
* Implement logging and monitoring with FortiAnalyzer and FortiSIEM
* Explain FortiSIEM rules and incidents
* Customize and generate reports with FortiAnalyzer and FortiSIEM
* Build OT security dashboard with FortiSIEM

Training Resources
The following resources are recommended for attaining the knowledge and skills that are covered on the exam. The recommended training is available as a foundation for exam preparation. In addition to training, candidates are strongly encouraged to have hands-on experience with the exam topics and objectives.

NSE Training Institute Courses
* NSE 7 OT Security 6.4
* NSE 4 FortiGate Security 6.4
* NSE 4 FortiGate Infrastructure 6.4
* NSE 5 FortiAnalyzer 6.4
* NSE 5 FortiSIEM 5.3
* NSE 6 FortiNAC 8.5

Other Resources
* FortiOS Administration Guide 6.4.3
* FortiOS CLI Reference 6.4.3
* FortiAnalyzer Administration Guide 6.4.3
* FortiSIEM User Guide 5.3.1
* FortiNAC Administration and Operation Guide 8.5

Experience
l Familiarity with design, implementation, and integration of the Fortinet solution in an OT infrastructure

Exam Sample Questions
A set of sample questions is available from the NSE Training Institute. These questions sample the exam content in question type and content scope. However, the questions do not necessarily represent all the exam content, nor are they intended to assess an individual’s readiness to take the certification exam.

See the NSE Training Institute for the course that includes the sample questions.

Examination Policies and Procedures
The NSE Training Institute recommends that candidates review exam policies and procedures before registering for the exam. Access important information on the Program Policies page, and find answers to common questions on the
FAQ page.

---

QUESTION 1
What are two benefits of a Nozomi integration with FortiNAC? (Choose two.)

A. Enhanced point of connection details
B. Direct VLAN assignment
C. Adapter consolidation for multi-adapter hosts
D. Importation and classification of hosts

Answer: A,B
Section: (none)
Explanation
Explanation/Reference:   

---

QUESTION 2
Which three criteria can a FortiGate device use to look for a matching firewall policy to process traffic?
(Choose three.)

A. Services defined in the firewall policy.
B. Source defined as internet services in the firewall policy
C. Lowest to highest policy ID number
D. Destination defined as internet services in the firewall policy
E. Highest to lowest priority defined in the firewall policy

Answer: A,B,D
Section: (none)
Explanation
Explanation/Reference:

---

QUESTION 3
Which three Fortinet products can be used for device identification in an OT industrial control system (ICS)?
(Choose three.)

A. FortiNAC
B. FortiManager
C. FortiAnalyzer
D. FortiSIEM
E. FortiGate

Answer: A,C,D

Examkingdom Fortinet NSE7_OTS-6.4 Exam pdf, Certkingdom Fortinet NSE7_OTS-6.4 PDF

Best Fortinet NSE7_OTS-6.4 Certification, Fortinet NSE7_OTS-6.4 Training at certkingdom.com

2V0-81.20 Professional VMware Security Exam Details

 

EXAM NUMBER : 2V0-81.20
PRODUCT : NSX-T Data Center 3.0, Workspace ONE 20.X, VMware Carbon Black Cloud
EXAM LANGUAGE : English
Associate Certifications : VCP-SEC 2021

EXAM OVERVIEW :
This exam tests a candidate's knowledge of VMware's security solutions and the candidate's ability to administer the security features and functions of NSX-T Data Center, Workspace ONE, and VMware Carbon Black Cloud.

Exam Info
Duration : 130 minutes
Number of Questions : 70
Passing Score : 300 Learn more
Format : Multiple Choice, Multiple Choice Multiple Selection, Drag and Drop, Matching

Exam Details:
(Last Updated: 10/7/2020) The Professional VMware Security exam (2V0-81.20) which leads to VMware Certified Professional – Security 2021 certification is a 70-itemexam, with a passing score of 300 using a scaled scoring method. Candidates are given 130 minutes to complete the exam, which includes adequate time to complete the exam for non-native English speakers.

Exam Delivery :
This is a proctored exam delivered through Pearson VUE. For more information, visit the Pearson VUE website.

Certification Information :
For details and a complete list of requirements and recommendations for attainment, please reference the VMware Education Services –Certification website.

Minimally Qualified :
Candidate The minimally qualified candidate (MQC) possesses knowledge of vSphere, networking, and endpoint security. The MQC can explain VMware Security key features and functionality. The MQC can describe VMware's Security architecture concepts. The MQC can explain the primary security features of VMware Carbon Black Cloud, NSX-T Data Center, and Workspace ONE, and how these VMware products interoperate with each other to deliver an intrinsic security solution. The MQC can describe use cases for VMware Security to others. The MQC has a minimum of 6 months hands-on experience configuring and managing VMware Security solutions and 1 year of experience working directly with VMware Carbon Black Cloud, NSX-T Data Center, and Workspace ONE. The MQC must possess all the knowledge contained in the sections included in this exam.

Exam Sections:
VMware exam blueprint sections are now standardized to the seven sections below, some of which may NOT be included in the final exam blueprint depending on the exam objectives.

Section 1 – Architecture and Technologies
Section 2 – Products and Solutions
Section 3 – Planning and Designing
Section 4 – Installing, Configuring, and Setup
Section 5 – Performance-tuning, Optimization, and Upgrades
Section 6 – Troubleshooting and Repairing
Section 7 – Administrative and Operational Tasks

If a section does not have testable objectives in this version of the exam, it will be noted below, accordingly. The objective numbering may be referenced in your score report at the end of your testing event for further preparation should a retake of the exam be necessary.

Sections Included in this Exam

Section 1 – There are no testable objectives for this section.
Section 2 – There are no testable objectives for this section.
Section 3 – There are no testable objectives for this section.

Section 4 – Installing, Configuring, and Setting

Objective 4.1 – Configure firewall rules to enable and secure Workspace ONE Components
Objective 4.2 –Configure and manage security groups and security policies in Carbon Black
Objective 4.3 –Configure compliance policies and profiles in Workspace ONE UEM
Objective 4.4 –Configure access policies in Workspace ONE Access
Objective 4.5 –Configure and administer endpoint management
Objective 4.6 –Deploy CB Defense sensors to endpoints
Objective 4.7 –Configure and administer identity providers in Workspace ONE Access
Objective 4.8 –Configure and administer authentication methods in Workspace ONE Access
Objective 4.9 –Deploy and configure NSX-T
Objective 4.10 –Outline the installation and preparation workflow of NSX-T data center
Objective 4.11 –Configure and manage firewalls rules for NSX-T
Objective 4.12 –Connect NSX-T Manager to User Directory for user based firewall rules
Objective 4.13 –Configure and manage security groups and security policies in NSX-T
Objective 4.14 –Install and configure Guest Introspection agent components in VMTools

Section 5 –
Section 6 – Troubleshooting and Repairing

Objective 6.1 –Compare and contrast tools available for troubleshooting (vRNI vs NSX Intelligence)
Objective 6.2 –Troubleshoot common NSX component issues

Objective 6.2.1 –Troubleshoot common NSX installation and configuration issues
Objective 6.2.2 –Troubleshoot common NSX firewall policy issues

Objective 6.3 –Troubleshoot common Carbon Black issues
Objective 6.4 –Troubleshoot Workspace ONE issues around endpoint security
Objective 6.5 –Troubleshoot connectivity issues
Objective 6.6 –Troubleshoot multi-cloud security issues
Objective 6.7 –Troubleshoot common physical infrastructure issues

Section 7 – Administrative and Operational Tasks

Objective 7.1 – Identify data center traffic flows
Objective 7.2 – Identify automation mechanisms for security policy configuration
Objective 7.3 – Manage firewall policies
Objective 7.4 – Monitor security for compliance and regulation assurance
Objective 7.5 – Manage security policies for business continuity and disaster recovery
Objective 7.6 – Perform patch management in Workspace ONE
Objective 7.7 – Manage access policies for Single Sign-On and third party Identity Provider federation
 

Recommended Courses
NSX-T Data Center Install, Config, Manage [3.X]
Workspace ONE Deploy and Manage [20.X]]
VMware Carbon Black Cloud Audit and Remediation
VMware Carbon Black Cloud Endpoint Standard
VMware Carbon Black Cloud Enterprise EDR

References*
In addition to the recommended courses, item writers used the following references for information when writing exam questions. It is recommended that you study the reference content as you prepare to take the exam, in addition to any recommended training.

---

QUESTION 1
Which file can be used to validate repcli authentication was enabled for Carbon Black Cloud?

A. C:\Program Files\Confer\repcii.ini
B. C:\Program Files\Confer\config.ini
C. C:\Program Files\Confer\cfg.ini
D. C:\Program Files\Confer\cli.ini

Answer: A

---

QUESTION 2
Which is the correct Distinguished Name for connecting NSX-T Data Center to Active Directory,
if your directory name is corp. local?

A. corp. local
B. DC=corp. local
C. DC=corp, DC=local
D. DC=local, DC=corp

Answer: C

---

QUESTION 3
What are two valid time limit selections when creating a Last Seen compliance policy in Workspace ONE
UEM? (Choose two.)

A. Hours
B. Minutes
C. Days
D. Weeks
E. Months

Answer: B,C

---

QUESTION 4
Which is true about Time-Based Firewall Policy rules?

A. Time-Based policy rules apply only to the NSX Distributed Firewall.
B. Time-Based policy rules apply to the NSX Gateway and Distributed Firewall.
C. Time-Based policy rules can only be used one time for NSX Gateway Firewall.
D. Time-Based policy rules apply only to the NSX Gateway Firewall.

Answer: B

Examkingdom VMware 2V0-81.20 Exam pdf, Certkingdom VMware 2V0-81.20 PDF

Best VMware 2V0-81.20 Certification, VMware 2V0-81.20 Training at certkingdom.com