New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

NSE5_FSM-6.3 Fortinet NSE 5 - FortiSIEM 6.3 Questions and Answers

Questions 4

Refer to the exhibit.

An administrator is trying to identify an issue using an expression bated on the Expression Builder settings shown in the exhibit however, the error message shown in the exhibit indicates that the expression is invalid.

Which is the correct expression?

Options:

A.

Matched Events COUNT()

B.

Matched Events(COUNT)

C.

COUNT(Matched Events)

D.

(COUNT) Matched Events

Buy Now
Questions 5

Which statement about global thresholds and per device thresholds is true?

Options:

A.

FortiSIEM uses global and per device thresholds tor all performance metrics.

B.

FortiSIEM uses global thresholds for all performance metrics.

C.

FortiSIEM uses fixed hardcoded thresholds for all performance metrics.

D.

FortiSIEM uses global thresholds for all security metrics.

Buy Now
Questions 6

When configuring collectors located in geographically separated sites, what ports must be open on a front end firewall?

Options:

A.

HTTPS, from the collector to the worker upload settings address only

B.

HTTPS, from the collector to the supervisor and worker upload settings addresses

C.

HTTPS, from the Internet to the collector

D.

HTTPS, from the Internet to the collector and from the collector to the FortiSIEM cluster

Buy Now
Questions 7

An administrator wants to search for events received from Linux and Windows agents.

Which attribute should the administrator use in search filters, to view events received from agents only.

Options:

A.

External Event Receive Protocol

B.

Event Received Proto Agents

C.

External Event Receive Raw Logs

D.

External Event Receive Agents

Buy Now
Questions 8

An administrator is using SNMP and WMI credentials to discover a Windows device. How will the WMI method handle this?

Options:

A.

WMI method will collect only traffic and IIS logs.

B.

WMI method will collect only DNS logs.

C.

WMI method will collect only DHCP logs.

D.

WMI method will collect security, application, and system events logs.

Buy Now
Questions 9

Which FortiSIEM feature must you use to produce a report on which FortiGate devices in your environment are running which firmware version?

Options:

A.

Run an analytic search.

B.

Run a query using the Inventory tab.

C.

Run a baseline report.

D.

Run a CMDB report

Buy Now
Questions 10

Which FortiSIEM components can do performance availability and performance monitoring?

Options:

A.

Supervisor, worker, and collector

B.

Supervisor and workers only

C.

Supervisor only

D.

Collectors only

Buy Now
Questions 11

How is a subparttern for a rule defined?

Options:

A.

Filters Aggregation. Group By definition

B.

Filters Group By definitions. Threshold

C.

Filters Threshold Time Window definitions

D.

Filters Aggregation Time Window definitions

Buy Now
Questions 12

Refer to the exhibit.

An administrator is investigating a FortiSIEM license issue.

The procedure is for which offline licensing condition?

Options:

A.

The procedure is for offline license debug.

B.

The procedure is for offline license registration.

C.

The procedure is for offline license validation.

D.

The procedure is for offline license verification.

Buy Now
Questions 13

What is a prerequisite for FortiSIEM Linux agent installation?

Options:

A.

The web server must be installed on the Linux server being monitored

B.

The auditd service must be installed on the Linux server being monitored

C.

The Linux agent manager server must be installed.

D.

Both the web server and the audit service must be installed on the Linux server being monitored

Buy Now
Questions 14

What are the four categories of incidents?

Options:

A.

Devices, users, high risk, and low risk

B.

Performance, devices, high risk, and low risk

C.

Performance, availability, security, and change

D.

Security, change, high risk, and low risk

Buy Now
Questions 15

FortiSIEM is deployed in disaster recovery mode.

When disaster strikes, which two tasks must you perform manually to achieve a successful disaster recovery operation? (Choose two.)

Options:

A.

Promote the secondary workers to the primary rotes using the phSecworker2priworker command.

B.

Promote the secondary supervisor to the primary role using the phSecondary2primary command.

C.

Change the DNS configuration to ensure that users, devices, and collectors log in to the secondary FortiSIEM.

D.

Change the configuration for shared storage NFS configured for EventDB to the secondary FortiSIEM.

Buy Now
Exam Code: NSE5_FSM-6.3
Exam Name: Fortinet NSE 5 - FortiSIEM 6.3
Last Update: Dec 22, 2024
Questions: 50
NSE5_FSM-6.3 pdf

NSE5_FSM-6.3 PDF

$25.5  $84.99
NSE5_FSM-6.3 Engine

NSE5_FSM-6.3 Testing Engine

$30  $99.99
NSE5_FSM-6.3 PDF + Engine

NSE5_FSM-6.3 PDF + Testing Engine

$40.5  $134.99