Asset Identification and Management Quiz

Questions and Answers

What is one of the main activities included in assets identification and management for any ICS?

• Creation of an asset inventory (correct)
• Deployment of secure VPN with conditional access
• Execution of multi-factor authentication
• Implementation of network access control

What is the purpose of identifying which network protocols are being used by the critical assets?

• To understand the communication methods used by critical assets (correct)
• To implement role-based access control
• To achieve ease of use and flexibility
• To enable secure VPN with conditional access

Which tool is used for the identification of network protocols being used by the critical assets?

• Network access control
• NGFW
• FortiNAC
• FortiSIEM (correct)

What is the main goal of access control in an O.T environment?

To access the assets easily and securely (B)

What is the purpose of creating a network topology through asset identification and management activities?

To have an accurate representation of the network structure (A)

Which tool can be used in an O.T network to achieve the objectives of asset identification and management activities?

FortiSIEM (A)

What is the purpose of multi-factor authentication in an O.T environment?

To enhance security by requiring multiple forms of verification (B)

What is the main reason for implementing role-based access control in an O.T environment?

To restrict access based on job responsibilities (A)

What is the purpose of secure VPN with conditional access in an O.T environment?

To provide secure access based on specific conditions (B)

What is the role of FortiNAC in an O.T network?

Network access control (C)

What is the primary purpose of NGFW in an O.T network?

To provide advanced threat protection and visibility (A)

What is the purpose of SSO capabilities in an O.T environment?

To enable users to access multiple applications with a single login (C)

What is the primary function of FortiAuthenticator in an O.T environment?

Enabling access control for approved applications (C)

Which tool is essential for achieving micro-segmentation with the access V-LAN in an O.T environment?

FortiNAC (A)

What is the most critical boundary in an O.T environment, as per the text?

I.T/O.T boundary (C)

Which device is a requirement in the NERC-CIP standard for controlling inbound and outbound communication in an O.T environment?

Electronic access point (EAP) (C)

Which tool is crucial for collecting critical information such as events, alerts, and incident logging in both I.T and O.T environments?

FortiSIEM (B)

What is a crucial element in the framework for performing threat hunting and identifying possible threats to the O.T network?

Logging and reporting (C)

What is the primary function of FortiSOAR in incident response in an O.T environment?

Automating the response to reported incidents (A)

What is the main purpose of utilizing the Fortinet Security Fabric in an O.T environment?

Linking access logs, device information, and network traffic for post-incident forensics (A)

What is a critical task in risk assessment and management for any organization?

Defining threat hunting strategies (B)

Which tool can provide security ratings for the Fortinet network security scope against ICS guidelines?

FortiManager (C)

What is the primary goal of access control in an O.T environment?

Enabling secure access to approved applications (B)

What is the key advantage of the single-pane-of-glass approach in incident review?

Linking access logs, device information, and network traffic for a complete picture (D)