
NSE5_FSM-5.2 Online Practice Questions and Answers

Questions 4

To determine whether or not syslog is being received from a network device, which is the best command from the backend?

A. tcpdump

B. phDeviceTest

C. netcat

D. phSyslogRecorder

Questions 5

A FortiSIEM supervisor at headquarters is struggling to keep up with an increase of EPS (Events Per Second) being reported across the enterprise. What components should an administrator consider deploying to assist the supervisor with processing data?

A. Supervisor

B. Worker

C. Collector

D. Agent

Questions 6

Which FortiSIEM components are capable of performing device discovery?

A. FortiSIEM Windows agent

B. Worker

C. FortiSIEM Linux agent

D. Collector

Questions 7

To determine SNMP discovery issues, which is the best command from the backend?

A. snmpwalk

B. phSNMPTest

C. snmptest

D. ssh

Questions 8

Which three ports can be used to send Syslogs to FortiSIEM? (Choose three.)

A. UDP 9999

B. UDP 162

C. TCP 514

D. UDP 514

E. TCP 1470

Questions 9

An administrator defines SMTP as a critical process on a Linux server. If the SMTP process is stopped, FortiSIEM would generate a critical event with which event type?

A. PH_DEV_MON_PROC_STOP

B. Postfix-Mail-Slop

C. Generic_SMTP_Process_Exit

D. PH_DEV_MON_SMTP_STOP

Questions 10

Which discovery scan type is prone to miss a device if the device is quiet and the entry for that device is not present in the ARP table of adjacent devices?

A. CMDB scan

B. L2 scan

C. Range scan

D. Smart scan

Questions 11

What are the four possible incident status values?

A. Active, closed, cleared, open

B. Active, cleared, cleared manually, system cleared

C. Active, closed, manual, resolved

D. Active, auto cleared, manual, false positive

Questions 12

In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?

A. Time Window

B. Aggregation

C. Group By

D. Filters

Questions 13

Refer to the exhibit.

What do the yellow stars listed in the Monitor column indicate?

A. A yellow star indicates that a metric was applied during discovery, and data has been collected successfully

B. A yellow star indicates that a metric was applied during discovery, but data collection has not started

C. A yellow star indicates that a metric was applied during discovery, but FortiSIEM is unable to collect data.

D. A yellow star indicates that a metric was not applied during discovery and, therefore, FortiSIEM was unable to collect data.

Questions 14

Refer to the exhibit.

If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how many results will be displayed?

A. Seven results will be displayed.

B. Three results will be displayed.

C. Unique attribute cannot be grouped.

D. Five results will be displayed.

Questions 15

What is a prerequisite for a FortiSIEM supervisor with a worker deployment, using the proprietary flat file database?

A. The CMDB database must be on NFS

B. The event database must be on NFS

C. The event database must be on a local disk

D. The \archive mount must be on a local disk

Questions 16

Which two FortiSIEM components work together to provide real-time event correlation?

A. Collector and Windows agent

B. Supervisor and worker

C. Worker and collector

D. Supervisor and collector

Questions 17

Which item is required to register a FortiSIEM appliance license?

A. Static storage

B. Static MAC address

C. Static IP address

D. Static Hardware ID

Questions 18

Refer to the exhibit.

The FortiSIEM administrator is examining events for two devices to investigate an issue. However, the administrator is not getting any results from their search.

Based on the selected filters shown in the exhibit, why is the search returning no results?

A. Parentheses are missing

B. The wrong boolean operator is selected in the Next column

C. The wrong option is selected in the Operator column

D. An invalid IP subnet is typed in the Value column

Exam Code: NSE5_FSM-5.2
Exam Name: Fortinet NSE 5 - FortiSIEM 5.2
Last Update: Mar 17, 2025
Questions: 42 Q&As
