Exam Details

  • Exam Code: NSE5_FSM-5.2
  • Exam Name: Fortinet NSE 5 - FortiSIEM 5.2
  • Certification: Fortinet Certification
  • Vendor: Fortinet
  • Total Questions: 42 Q&As
  • Last Updated: May 13, 2024

Fortinet Fortinet Certification NSE5_FSM-5.2 Questions & Answers

  • Question 1:

    Which protocol is almost always required for the FortiSIEM GUI discovery process?

    A. SNMP

    B. WMI

    C. Syslog

    D. Telnet

  • Question 2:

    Which item is required to register a FortiSIEM appliance license?

    A. Static storage

    B. Static MAC address

    C. Static IP address

    D. Static Hardware ID

  • Question 3:

    Refer to the exhibit.

    A FortiSIEM is continuously receiving syslog events from a FortiGate firewall. The FortiSIEM administrator is trying to search the raw event logs for the last two hours that contain the keyword tcp. However, the administrator is getting no results from the search.

    Based on the selected filters shown in the exhibit, why are there no search results?

    A. The keyword is case sensitive. Instead of typing TCP in the Value field, the administrator should type tcp.

    B. In the Time section, the administrator selected the Relative Last option, and in the drop-down lists, selected 2 and Hours as the time period. The time period should be 24 hours.

    C. The administrator selected - in the Operator column. That is the wrong operator.

    D. The administrator selected AND in the Next drop-down list. This is the wrong boolean operator.

  • Question 4:

    Which database is used for storing anomaly data, that is calculated for different parameters, such as traffic and device resource usage running averages, and standard deviation values?

    A. Profile DB

    B. Event DB

    C. CMDB

    D. SVN DB

  • Question 5:

    Refer to the exhibit.

    The FortiSIEM administrator is examining events for two devices to investigate an issue. However, the administrator is not getting any results from their search.

    Based on the selected filters shown in the exhibit, why is the search returning no results?

    A. Parentheses are missing

    B. The wrong boolean operator is selected in the Next column

    C. The wrong option is selected in the Operator column

    D. An invalid IP subnet is typed in the Value column

  • Question 6:

    Device discovery information is stored in which database?

    A. CMDB

    B. Profile DB

    C. Event DB

    D. SVN DB

  • Question 7:

    What are the four categories of incidents?

    A. Devices, users, high risk, and low risk

    B. Performance, availability, security, and change

    C. Performance, devices, high risk, and low risk

    D. Security, change, high risk, and low risk

  • Question 8:

    An administrator wants to search for events received from Linux and Windows agents.

    Which attribute should the administrator use in search filters to view events received from agents only?

    A. External Event Receive Protocol

    B. Event Received Proto Agents

    C. External Event Receive Raw Logs

    D. External Event Receive Agents

  • Question 9:

    Refer to the exhibit.

    If events are grouped by Event Receive Time, Reporting IP, and User attributes in FortiSIEM, how many results will be displayed?

    A. Eight results will be displayed

    B. Four results will be displayed

    C. Two results will be displayed

    D. Unique attributes cannot be grouped

  • Question 10:

    Which two export methods are available for FortiSIEM analytics results? (Choose two.)

    A. CSV

    B. PNG

    C. HTML

    D. PDF

Tips on How to Prepare for the Exams

Nowadays, certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only Fortinet exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your NSE5_FSM-5.2 exam preparation and Fortinet certification application, do not hesitate to visit Vcedump.com to find your solutions.