Fortinet NSE5_FSM-5.2 Exam Practice Test Instant Access

Question 1

What is a prerequisite for a FortiSIEM supervisor with a worker deployment, using the proprietary flat file database?

AThe CMDB database must be on NFS

BThe event database must be on NFS

CThe event database must be on a local disk

DThe \archive mount must be on a local disk

Answer : B

Question 2

If the reported packet loss is between 50% and 98%. which status is assigned to the device in the Availability column of summary dashboard?

ADown status is assigned because of packet loss.

BUp status is assigned because of received packets

CCritical status is assigned because of reduction in number of packets received

DDegraded status is assigned because of packet loss

Answer : D

Question 3

Refer to the exhibit.

If events are grouped by Event Receive Time, Reporting IP, and User attributes in FortiSIEM, how many results will be displayed?

AEight results will be displayed

BFour results will be displayed

CTwo results will be displayed

DUnique attributes cannot be grouped

Answer : D

Question 4

Which process converts Raw log data to structured data?

AData enrichment

BData classification

CData parsing

DData validation

Answer : C

Question 5

To determine SNMP discovery issues, which is the best command from the backend?

Asnmpwalk

BphSNMPTest

Csnmptest

Dssh

Answer : A

Question 6

Which two FortiSIEM components work together to provide real-time event correlation?

ACollector and Windows agent

BSupervisor and worker

CWorker and collector

DSupervisor and collector

Answer : D

Question 7

Which FortiSIEM components are capable of performing device discovery?

AFortiSIEM Windows agent

BWorker

CFortiSIEM Linux agent

DCollector

Answer : D

Fortinet NSE 5 - FortiSIEM 5.2 NSE5_FSM-5.2 Exam Practice Test