Fortinet NSE5_FSM-5.2 Fortinet NSE 5 - FortiSIEM 5.2 Exam Practice Test

Demo: 6 questions
Total 42 questions

Fortinet NSE 5 - FortiSIEM 5.2 Questions and Answers

Question 1

Which FortiSIEM components are capable of performing device discovery?

Options:

A. FortiSIEM Windows agent

B. Worker

C. FortiSIEM Linux agent

D. Collector

Question 2

In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?

Options:

A. Time Window

B. Aggregation

C. Group By

D. Filters

Question 3

Which item is required to register a FortiSIEM appliance license?

Options:

A. Static storage

B. Static MAC address

C. Static IP address

D. Static Hardware ID

Question 4

What is a prerequisite for a FortiSIEM supervisor with a worker deployment, using the proprietary flat file database?

Options:

A. The CMDB database must be on NFS

B. The event database must be on NFS

C. The event database must be on a local disk

D. The \archive mount must be on a local disk

Question 5

What are the four categories of incidents?

Options:

A. Devices, users, high risk, and low risk

B. Performance, availability, security, and change

C. Performance, devices, high risk, and low risk

D. Security, change, high risk, and low risk

Question 6

If a performance rule is triggered repeatedly due to high CPU use, what occurs in the incident table?

Options:

A. A new incident is created each time the rule is triggered, and the First Seen and Last Seen times are updated.

B. The incident status changes to Repeated and the First Seen and Last Seen times are updated.

C. A new incident is created based on the Rule Frequency value, and the First Seen and Last Seen times are updated.

D. The Incident Count value increases, and the First Seen and Last Seen times update.
