Fortinet NSE5_FSM-5.2 Exam Practice Test Instant Access

Question 1

What is a prerequisite for a FortiSIEM supervisor with a worker deployment, using the proprietary flat file database?

AThe CMDB database must be on NFS

BThe event database must be on NFS

CThe event database must be on a local disk

DThe \archive mount must be on a local disk

Answer : B

Question 2

Refer to the exhibit.

A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server

Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?

ATELNET

BWMI

CLDAPS

DLDAP start TLS

Answer : A

Question 3

Which database is used for storing anomaly data, that is calculated for different parameters, such as traffic and device resource usage running averages, and standard deviation values?

AProfile DB

BEvent DB

CCMDB

DSVN DB

Answer : A

Question 4

What operating system is FortiSIEM based on?

ACentOS

BMicrosoftWindows

CRedHat

DUbuntu

Answer : A

Question 5

Which two export methods are available for FortiSIEM analytics results? (Choose two.)

ACSV

BPNG

CHTML

DPDF

Answer : A, D

Question 6

Refer to the exhibit.

Three events are collected over a 10-minutc time period from two servers Server A and Server B.

Based on the settings being used for the rule subpattern. how many incidents will the servers generate?

AServer A will not generate any incidents and Server B will not generate any incidents

BServer A will generate one incident and Server B wifl generate one incident

CServer A will generate one incident and Server B will not generate any incidents

DServer B will generate one incident and Server A will not generate any incidents

Answer : A

Question 7

What protocol can be used to collect Windows event logs in an agentless method?

ASSH

BSNMP

CWMI

DSMTP

Answer : C

Fortinet NSE5_FSM-5.2 Fortinet NSE 5 - FortiSIEM 5.2 Exam Practice Test