Fortinet NSE5_FSM-5.2 Exam Practice Test Instant Access

Question 1

What operating system is FortiSIEM based on?

ACentOS

BMicrosoftWindows

CRedHat

DUbuntu

Answer : A

Question 2

In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?

ATime Window

BAggregation

CGroup By

DFilters

Answer : B

Question 3

What protocol can be used to collect Windows event logs in an agentless method?

ASSH

BSNMP

CWMI

DSMTP

Answer : C

Question 4

What are the four categories of incidents?

ADevices, users, high risk, and low risk

BPerformance, availability, security, and change

CPerformance, devices, high risk, and low risk

DSecurity, change, high risk, and low risk

Answer : B

Question 5

Refer to the exhibit.

An administrator is trying to identify an issue using an expression bated on the Expression Builder settings shown in the exhibit however, the error message shown in the exhibit indicates that the expression is invalid.

Which is the correct expression?

AMatched Events COUNT()

BMatched Events(COUNT)

CCOUNT(Matched Events)

D(COUNT) Matched Events

Answer : C

Question 6

What is the best discovery scan option for a network environment where ping is disabled on all network devices?

ASmartscan

BRangescan

CCMDBscan

DL2 scan

Answer : A

Question 7

Which database is used for storing anomaly data, that is calculated for different parameters, such as traffic and device resource usage running averages, and standard deviation values?

AProfile DB

BEvent DB

CCMDB

DSVN DB

Answer : A

Fortinet NSE5_FSM-5.2 Fortinet NSE 5 - FortiSIEM 5.2 Exam Practice Test