Fortinet NSE5_FSM-5.2 Exam Questions Instant Access

Question 1

In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?

ATime Window

BAggregation

CGroup By

DFilters

Answer : B

Question 2

If a performance rule is triggered repeatedly due to high CPU use. what occurs m the incident table?

AA new incident is created each time the rule is triggered, and the First Seen and Last Seen times are updated.

BThe incident status changes to Repeated and the First Seen and Last Seen times are updated.

CA new incident is created based on the Rule Frequency value, and the First Seen and Last Seen times are updated

DThe Incident Count value increases, and the First Seen and Last Seen tomes update

Answer : A

Question 3

What is a prerequisite for FortiSIEM Linux agent installation?

AThe web server must be installed on the Linux server being monitored

BThe auditd service must be installed on the Linux server being monitored

CThe Linux agent manager server must be installed.

DBoth the web server and the audit service must be installed on the Linux server being monitored

Answer : D

Question 4

Which command displays the Linux agent status?

AService fsm-linux-agent status

BService Ao-linux-agent status

CService fortisiem-linux-agent status

DService linux-agent status

Answer : C

Question 5

Which FortiSIEM components are capable of performing device discovery?

AFortiSIEM Windows agent

BWorker

CFortiSIEM Linux agent

DCollector

Answer : D

Question 6

In the advanced analytical rules engine in FortiSIEM, multiple subpatterms can be referenced using which three operation?(Choose three.)

AELSE

BNOT

CFOLLOWED_BY

DOR

EAND

Answer : A, B, E

Question 7

Which FortiSIEM components can do performance availability and performance monitoring?

ASupervisor, worker, and collector

BSupervisor and workers only

CSupervisor only

DCollectors only

Answer : A

Fortinet NSE 5 - FortiSIEM 5.2 NSE5_FSM-5.2 Exam Questions