In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?
A. Time Window
B. Aggregation
C. Group By
D. Filters
Refer to the exhibit.
What do the yellow stars listed in the Monitor column indicate?
A. A yellow star indicates that a metric was applied during discovery, and data has been collected successfully
B. A yellow star indicates that a metric was applied during discovery, but data collection has not started
C. A yellow star indicates that a metric was applied during discovery, but FortiSIEM is unable to collect data.
D. A yellow star indicates that a metric was not applied during discovery and, therefore, FortiSIEM was unable to collect data.
Refer to the exhibit.
If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how many results will be displayed?
A. Seven results will be displayed.
B. Three results will be displayed.
C. Unique attribute cannot be grouped.
D. Five results will be displayed.
What is the best discovery scan option for a network environment where ping is disabled on all network devices?
A. Smart scan
B. Range scan
C. CMDB scan
D. L2 scan
Refer to the exhibit.
Three events are collected over a 10-minute time period from two servers: Server A and Server B. Based on the settings being used for the rule subpattern, how many incidents will the servers generate?
A. Server A will not generate any incidents and Server B will not generate any incidents
B. Server A will generate one incident and Server B will generate one incident
C. Server A will generate one incident and Server B will not generate any incidents
D. Server B will generate one incident and Server A will not generate any incidents
Refer to the exhibit.
A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server.
Which protocol should the administrator select in the AccessProtocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?
A. TELNET
B. WMI
C. LDAPS
D. LDAP start TLS
What is a prerequisite for a FortiSIEM supervisor with a worker deployment, using the proprietary flat file database?
A. The CMDB database must be on NFS
B. The event database must be on NFS
C. The event database must be on a local disk
D. The \archive mount must be on a local disk
In the advanced analytical rules engine in FortiSIEM, multiple subpatterns can be referenced using which three operations? (Choose three.)
A. ELSE
B. NOT
C. FOLLOWED_BY
D. OR
E. AND
What is a prerequisite for FortiSIEM Linux agent installation?
A. The web server must be installed on the Linux server being monitored
B. The auditd service must be installed on the Linux server being monitored
C. The Linux agent manager server must be installed.
D. Both the web server and the audit service must be installed on the Linux server being monitored
Which FortiSIEM components are capable of performing device discovery?
A. FortiSIEM Windows agent
B. Worker
C. FortiSIEM Linux agent
D. Collector