What operating system is FortiSIEM based on?
A. CentOS
B. Microsoft Windows
C. RedHat
D. Ubuntu
What is a prerequisite for FortiSIEM Linux agent installation?
A. The web server must be installed on the Linux server being monitored
B. The auditd service must be installed on the Linux server being monitored
C. The Linux agent manager server must be installed.
D. Both the web server and the audit service must be installed on the Linux server being monitored
Refer to the exhibit.
How was the FortiGate device discovered by FortiSIEM?
A. Through GUI log discovery
B. Through syslog discovery
C. Using the pull events method
D. Through auto log discovery
To determine SNMP discovery issues, which is the best command from the backend?
A. snmpwalk
B. phSNMPTest
C. snmptest
D. ssh
An administrator defines SMTP as a critical process on a Linux server. If the SMTP process is stopped, FortiSIEM would generate a critical event with which event type?
A. PH_DEV_MON_PROC_STOP
B. Postfix-Mail-Slop
C. Generic_SMTP_Process_Exit
D. PH_DEV_MON_SMTP_STOP
Refer to the exhibit.
A FortiSIEM administrator wants to group some attributes for a report, but is not able to do so successfully. As shown in the exhibit, why are some of the fields highlighted in red?
A. The Event Receive Time attribute is not available for logs.
B. The attribute COUNT(Matched event) is an invalid expression.
C. Unique attributes cannot be grouped.
D. No RAW Event Log attribute is available for devices.
What are the minimum memory requirements for the FortiSIEM supervisor virtual appliance, when the proprietary flat file database is used?
A. 16GB RAM
B. 32GB RAM
C. 64GB RAM
D. 24GB RAM
Which protocol is almost always required for the FortiSIEM GUI discovery process?
A. SNMP
B. WMI
C. Syslog
D. Telnet
Which item is required to register a FortiSIEM appliance license?
A. Static storage
B. Static MAC address
C. Static IP address
D. Static Hardware ID
Refer to the exhibit.
The FortiSIEM administrator is examining events for two devices to investigate an issue. However, the administrator is not getting any results from their search.
Based on the selected filters shown in the exhibit, why is the search returning no results?
A. Parentheses are missing
B. The wrong boolean operator is selected in the Next column
C. The wrong option is selected in the Operator column
D. An invalid IP subnet is typed in the Value column