NSE 7 – OT Security 7.2 — Question 42
An organization has deployed an entry-level FortiGate device in its operational technology (OT) network. The administrator is looking for a simple solution to detect and block all network intrusions in that specific part of the network without generating any false positives.
Which solution should the administrator use to achieve this goal?
Answer options
- A. Configure a local-in firewall policy.
- B. Block all foreign inbound traffic.
- C. Enable intrusion prevention system (IPS) and use the regular signature database.
- D. Enable the industrial signature database in the IPS global setting.
Correct answer: D
Explanation
The correct answer is D because the industrial signature database is specifically designed to recognize threats in operational technology environments, minimizing the risk of false positives. Options A and B do not provide comprehensive intrusion detection, while option C uses a regular signature database that may not be tailored for OT networks, potentially leading to missed threats or false alerts.