
Fortinet NSE 5 - FortiSIEM 5.2 NSE5_FSM-5.2 Practice Test Questions

Make sure you practice the PassQuestion Fortinet NSE 5 - FortiSIEM 5.2 NSE5_FSM-5.2 Practice Test Questions multiple times so that you will be able to achieve a high score in your exam.


Presentation Transcript


  1. NSE5_FSM-5.2 Free Questions
     Fortinet NSE 5 - FortiSIEM 5.2
     https://www.passquestion.com/NSE5_FSM-5.2.html

  2. Question 1
     To determine whether or not syslog is being received from a network device, which is the best command from the backend?
     A. tcpdump
     B. phDeviceTest
     C. netcat
     D. phSyslogRecorder
     Answer: A

  3. Question 2
     What operating system is FortiSIEM based on?
     A. CentOS
     B. Microsoft Windows
     C. RedHat
     D. Ubuntu
     Answer: A

  4. Question 3
     A FortiSIEM supervisor at headquarters is struggling to keep up with an increase of EPS (Events Per Second) being reported across the enterprise.
     What components should an administrator consider deploying to assist the supervisor with processing data?
     A. Supervisor
     B. Worker
     C. Collector
     D. Agent
     Answer: B

  5. Question 4
     What protocol can be used to collect Windows event logs in an agentless method?
     A. SSH
     B. SNMP
     C. WMI
     D. SMTP
     Answer: C

  6. Question 5
     If the reported packet loss is between 50% and 98%, which status is assigned to the device in the Availability column of the summary dashboard?
     A. Down status is assigned because of packet loss.
     B. Up status is assigned because of received packets.
     C. Critical status is assigned because of reduction in number of packets received.
     D. Degraded status is assigned because of packet loss.
     Answer: D

  7. Question 6
     What is a prerequisite for FortiSIEM Linux agent installation?
     A. The web server must be installed on the Linux server being monitored.
     B. The auditd service must be installed on the Linux server being monitored.
     C. The Linux agent manager server must be installed.
     D. Both the web server and the audit service must be installed on the Linux server being monitored.
     Answer: D

  8. Question 7
     Which FortiSIEM components are capable of performing device discovery?
     A. FortiSIEM Windows agent
     B. Worker
     C. FortiSIEM Linux agent
     D. Collector
     Answer: D

  9. Question 8
     If a performance rule is triggered repeatedly due to high CPU use, what occurs in the incident table?
     A. A new incident is created each time the rule is triggered, and the First Seen and Last Seen times are updated.
     B. The incident status changes to Repeated and the First Seen and Last Seen times are updated.
     C. A new incident is created based on the Rule Frequency value, and the First Seen and Last Seen times are updated.
     D. The Incident Count value increases, and the First Seen and Last Seen times update.
     Answer: A

  10. Question 9
      In FortiSIEM enterprise licensing mode, if the link between the collector and data center FortiSIEM cluster is down, what happens?
      A. The collector drops incoming events like syslog, but stops performance collection.
      B. The collector continues performance collection of devices, but stops receiving syslog.
      C. The collector buffers events.
      D. The collector processes stop, and events are dropped.
      Answer: D

  11. Question 10
      A FortiSIEM administrator wants to restrict a network administrator to running searches for only firewall devices.
      Under role management, which option does the FortiSIEM administrator need to configure to achieve this scenario?
      A. CMDB Report Conditions
      B. Data Conditions
      C. UI Access
      Answer: B
