Fortinet NSE5_FSM-6.3 Exam Questions Instant Access

Question 1

An administrator is investigating the slow performance of a FortiSlEM device.

Which command provides information about the CPU usage of FortiSlEM processes, disk usage, and EPS?

A./phxct1 --all

B./phstatus --a

C./phtools -a

D./phnfsstat.

Answer : B

Question 2

What are two tasks that you must do to make a secondary FortiSIEM device ready for disaster recovery? (Choose two.)

AConfigure the replication of CMDB database.

BConfigure the replication of license and license entitlements.

CConfigure the replication of FortiSIEM certificates.

DConfigure the replication of profile data.

Answer : A, D

Question 3

In me FortiSIEM CLI. which command must you use to determine whether or not syslog is being received from a network device?

Atcpdump

BOphSyslogRecorder

COnetcat

DphDeviceTest

Answer : A

Syslog Reception Verification: To verify whether syslog messages are being received from a network device, a network packet capture tool can be used.

tcpdump Command: tcpdump is a powerful command-line packet analyzer tool available in Unix-like operating systems. It allows administrators to capture and analyze network traffic.

Usage: By using tcpdump with the appropriate filters (e.g., port 514 for syslog), administrators can monitor the incoming syslog messages in real-time to verify if they are being received.

Example Command: tcpdump -i <interface> port 514 captures the syslog messages on the specified network interface.

Reference: FortiSIEM 6.3 User Guide, CLI Commands section, which details the usage of tcpdump for network traffic analysis and verification of syslog reception.

Question 4

Refer to the exhibit.

What do the yellow stars listed in the Monitor column indicate?

AA yellow star indicates that a metric was applied during discovery, and data has been collected successfully

BA yellow star indicates that a metric was applied during discovery, but data collection has not started

CA yellow star indicates that a metric was applied during discovery, but FortiSIEM is unable to collect data.

DA yellow star indicates that a metric was not applied during discovery and, therefore, FortiSEIM was unable to collect data.

Answer : B

Monitor Column Indicators: In FortiSIEM, the Monitor column displays the status of various metrics applied during the discovery process.

Yellow Star Meaning: A yellow star next to a metric indicates that the metric was successfully applied during discovery and data has been collected for that metric.

Successful Data Collection: This visual indicator helps administrators quickly identify which metrics are active and have data available for analysis.

Reference: FortiSIEM 6.3 User Guide, Device Monitoring section, which explains the significance of different icons and indicators in the Monitor column.

Question 5

When configuring collectors located in geographically separated sites, what ports must be open on a front end firewall?

AHTTPS, from the collector to the worker upload settings address only

BHTTPS, from the collector to the supervisor and worker upload settings addresses

CHTTPS, from the Internet to the collector

DHTTPS, from the Internet to the collector and from the collector to the FortiSIEM cluster

Answer : B

FortiSIEM Architecture: In FortiSIEM, collectors gather data from various sources and send this data to supervisors and workers within the FortiSIEM architecture.

Communication Requirements: For collectors to effectively send data to the FortiSIEM system, specific communication channels must be open.

Port Usage: The primary port used for secure communication between the collectors and the FortiSIEM infrastructure is HTTPS (port 443).

Network Configuration: When configuring collectors in geographically separated sites, the HTTPS port must be open for the collectors to communicate with both the supervisor and the worker upload settings addresses. This ensures that the collected data can be securely transmitted to the appropriate processing and analysis components.

Reference: FortiSIEM 6.3 Administration Guide, Network Ports section details the necessary ports for communication within the FortiSIEM architecture.

Question 6

Which protocol do collectors use to communicate with a FortiSIEM cluster?

ASyslog

BSNMP

CHTTPS

DSMTP

Answer : C

Question 7

Where must you configure rule notifications and automated remediation on FortiSIEM?

ANotification engine

BResponse policies

CEmail and scripting alerts

DNotification policy

Answer : B

Fortinet NSE 5 - FortiSIEM 6.3 NSE5_FSM-6.3 Exam Questions