Fortinet NSE5_FSM-5.2 Exam Practice Test Instant Access

Question 1

Refer to the exhibit.

How was the FortiGate device discovered by FortiSIEM?

AThrough GUI log discovery

BThrough syslog discovery

CUsing the pull events method

DThrough auto log discovery

Answer : A

Question 2

If an incident's status is Cleared, what does this mean?

ATwo hours have passed since the incident occurred and the incident has not reoccurred.

BA clear condition set on a rule was satisfied.

CA security rule issue has been resolved.

DThe incident was cleared by an operator.

Answer : B

Question 3

Which database is used for storing anomaly data, that is calculated for different parameters, such as traffic and device resource usage running averages, and standard deviation values?

AProfile DB

BEvent DB

CCMDB

DSVN DB

Answer : A

Question 4

Which command displays the Linux agent status?

AService fsm-linux-agent status

BService Ao-linux-agent status

CService fortisiem-linux-agent status

DService linux-agent status

Answer : C

Question 5

Which item is required to register a FortiSIEM appliance license?

AStaticstorage

BStaticMACaddress

CStaticIPaddress

DStatic Hardware ID

Answer : D

Question 6

Which FortiSIEM components are capable of performing device discovery?

AFortiSIEM Windows agent

BWorker

CFortiSIEM Linux agent

DCollector

Answer : D

Question 7

Which two FortiSIEM components work together to provide real-time event correlation?

ACollector and Windows agent

BSupervisor and worker

CWorker and collector

DSupervisor and collector

Answer : D

Fortinet NSE 5 - FortiSIEM 5.2 NSE5_FSM-5.2 Exam Practice Test