Fortinet NSE 5 - FortiSIEM 6.3 - NSE5_FSM-6.3 Exam Practice Test

Question 1

Which is a requirement for implementing FortiSIEM disaster recovery?

A. All worker nodes must access both supervisor nodes using IP.

B. The two supervisor nodes must have layer 2 connectivity.

C. DNS names must be used for the worker upload addresses.

D. SNMP, and WMI ports must be open between the two supervisor nodes.

Correct Answer: C

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 2

Refer to the exhibit.

Which section contains the sortings that determine how many incidents are created?

A. Actions

B. Aggregate

C. Filters

D. Group By

Correct Answer: B

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 3

What are two tasks that you must do to make a secondary FortiSIEM device ready for disaster recovery? (Choose two.)

A. Configure the replication of FortiSIEM certificates.

B. Configure the replication of profile data.

C. Configure the replication of CMDB database.

D. Configure the replication of license and license entitlements.

Correct Answer: B,C

Question 4

Refer to the exhibit.

A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?

A. LDAP start TLS

B. TELNET

C. WMI

D. LDAPS

Correct Answer: C

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 5

Which database is used for storing anomaly data, that is calculated for different parameters, such as traffic and device resource usage running averages, and standard deviation values?

A. Event DB

B. SVN DB

C. CMDB

D. Profile DB

Correct Answer: D

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 6

An administrator is using SNMP and WMI credentials to discover a Windows device. How will the WMI method handle this?

A. WMI method will collect only traffic and IIS logs.

B. WMI method will collect security, application, and system events logs.

C. WMI method will collect only DNS logs.

D. WMI method will collect only DHCP logs.

Correct Answer: A

Explanation: Only visible for Actualtests4sure members. You can sign-up / login (it's free).

Question 7

An administrator is investigating the slow performance of a FortiSlEM device.
Which command provides information about the CPU usage of FortiSlEM processes, disk usage, and EPS?

A. ./phstatus --a

B. ./phtools -a

C. ./phxct1 --all

D. ./phnfsstat.

Correct Answer: A

Fortinet NSE 5 - FortiSIEM 6.3 - NSE5_FSM-6.3 Exam Practice Test

Latest Update

Useful Links

Contact Us