Valid NSE5_FSM-5.2 Test Answers & Fortinet NSE5_FSM-5.2 Exam PDF [Q25-Q40]

Rate this post

Valid NSE5_FSM-5.2 Test Answers & Fortinet NSE5_FSM-5.2 Exam PDF

Fortinet NSE5_FSM-5.2 Certification Real 2022 Mock Exam

NO.25 What are the four categories of incidents?

Devices, users, high risk, and low risk

Performance, availability, security, and change

Performance, devices, high risk, and low risk

Security, change, high risk, and low risk

NO.26 Which database is used for storing anomaly data, that is calculated for different parameters, such as traffic and device resource usage running averages, and standard deviation values?

Profile DB

Event DB

CMDB

SVN DB

NO.27 Refer to the exhibit.

If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how ,many results will be displayed?

Seven results will be displayed.

There results will be displayed.

Unique attribute cannot be grouped.

Five results will be displayed.

NO.28 Refer to the exhibit.

What do the yellow stars listed in the Monitor column indicate?

A yellow star indicates that a metric was applied during discovery, and data has been collected successfully

A yellow star indicates that a metric was applied during discovery, but data collection has not started

A yellow star indicates that a metric was applied during discovery, but FortiSIEM is unable to collect data.

A yellow star indicates that a metric was not applied during discovery and, therefore, FortiSEIM was unable to collect data.

NO.29 Which FortiSIEM components can do performance availability and performance monitoring?

Supervisor, worker, and collector

Supervisor and workers only

Supervisor only

Collectors only

NO.30 If an incident’s status is Cleared, what does this mean?

Two hours have passed since the incident occurred and the incident has not reoccurred.

A clear condition set on a rule was satisfied.

A security rule issue has been resolved.

The incident was cleared by an operator.

NO.31 What is a prerequisite for a FortiSIEM supervisor with a worker deployment, using the proprietary flat file database?

The CMDB database must be on NFS

The event database must be on NFS

The event database must be on a local disk

The archive mount must be on a local disk

NO.32 Refer to the exhibit.

If events are grouped by Event Receive Time, Reporting IP, and User attributes in FortiSIEM, how many results will be displayed?

Eight results will be displayed

Four results will be displayed

Two results will be displayed

Unique attributes cannot be grouped

NO.33 Refer to the exhibit.

Three events are collected over a 10-minutc time period from two servers Server A and Server B.
Based on the settings being used for the rule subpattern. how many incidents will the servers generate?

Server A will not generate any incidents and Server B will not generate any incidents

Server A will generate one incident and Server B wifl generate one incident

Server A will generate one incident and Server B will not generate any incidents

Server B will generate one incident and Server A will not generate any incidents

NO.34 What protocol can be used to collect Windows event logs in an agentless method?

SSH

SNMP

WMI

SMTP

NO.35 Refer to the exhibit.

The FortiSIEM administrator is examining events for two devices to investigate an issue However, the administrator is not getting any results from their search.
Based on the selected fillers shown in the exhibit, why is the search returning no results?

Parenthesis are missing

The wrong boolean operator is selected in the Next column

The wrong option is selected in the Operator column

An invalid IP subnet is typed in the Value column

NO.36 Refer to the exhibit.

How was the FortiGate device discovered by FortiSIEM?

Through GUI log discovery

Through syslog discovery

Using the pull events method

Through auto log discovery

NO.37 Which command displays the Linux agent status?

Service Ao-linux-agent status

Service linux-agent status

Service fortisiem-linux-agent status

Service fsm-linux-agent status

NO.38 Refer to the exhibit.

The FortiSIEM administrator is examining events for two devices to investigate an issue However, the administrator is not getting any results from their search.
Based on the selected fillers shown in the exhibit, why is the search returning no results?

Parenthesis are missing

The wrong boolean operator is selected in the Next column

The wrong option is selected in the Operator column

An invalid IP subnet is typed in the Value column

NO.39 An administrator wants to search for events received from Linux and Windows agents.
Which attribute should the administrator use in search filters, to view events received from agents only.

External Event Receive Protocol

Event Received Proto Agents

External Event Receive Raw Logs

External Event Receive Agents

NO.40 In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?

Time Window

Aggregation

Group By

Filters

Loading …

NSE5_FSM-5.2 Exam Questions and Valid NSE5_FSM-5.2 Dumps PDF: https://www.prepawaytest.com/Fortinet/NSE5_FSM-5.2-practice-exam-dumps.html

Leave a Reply Cancel reply