NSE 7 – OT Security 7.2 — Question 41
FortiAnalyzer is implemented in the OT network to receive logs from responsible FortiGate devices. The logs must be processed by FortiAnalyzer.
In this scenario, which statement is correct about the purpose of FortiAnalyzer receiving and processing multiple log messages from a given PLC or RTU?
Answer options
- A. To isolate PLCs or RTUs in the event of external attacks
- B. To configure event handlers and take further action on FortiGate
- C. To determine which type of messages from the PLC or RTU causes issues in the plant
- D. To help OT administrators configure the network and prevent breaches
Correct answer: C
Explanation
The correct answer is C: FortiAnalyzer processes the log messages it receives in order to identify which messages from a specific PLC or RTU are causing issues in the plant. Options A, B, and D do not accurately describe the primary function of processing logs, which is troubleshooting and understanding issues rather than preventing attacks or configuring the network.