NSE 7 – OT Security 7.2 — Question 2

Which two statements are true when you deploy FortiGate as an offline IDS? (Choose two.)

Answer options

• A. Network traffic goes through FortiGate.
• B. Network attacks can be detected and blocked.
• C. FortiGate acts as network sensor.
• D. FortiGate receives traffic from configured port mirroring.

Correct answer: C, D

Explanation

The correct answers are C and D because when FortiGate is deployed as an offline IDS, it operates as a network sensor (C) and relies on port mirroring (D) to receive traffic without being inline in the network path. Options A and B are incorrect since, in offline mode, the device cannot block attacks and does not have direct access to network traffic.