NSE5_FSM-6.3 Dumps
NSE 5 - FortiSIEM 6.3
https://killexams.com/pass4sure/exam-detail/NSE5_FSM-6.3
To determine whether or not syslog is being received from a network device, which is the best command from the backend?
tcpdump
phDeviceTest
netcat
phSyslogRecorder
What operating system is FortiSIEM based on?
CentOS
Microsoft Windows
RedHat
Ubuntu
A FortiSIEM supervisor at headquarters is struggling to keep up with an increase of EPS (Events Per Second) being reported across the enterprise.
What components should an administrator consider deploying to assist the supervisor with processing data?
Supervisor
Worker
Collector
Agent
What protocol can be used to collect Windows event logs in an agentless method?
SSH
SNMP
WMI
SMTP
If the reported packet loss is between 50% and 98%, which status is assigned to the device in the Availability column of the summary dashboard?
Down status is assigned because of packet loss.
Up status is assigned because of received packets
Critical status is assigned because of reduction in number of packets received
Degraded status is assigned because of packet loss
What is a prerequisite for FortiSIEM Linux agent installation?
The web server must be installed on the Linux server being monitored
The auditd service must be installed on the Linux server being monitored
The Linux agent manager server must be installed.
Both the web server and the audit service must be installed on the Linux server being monitored
Which FortiSIEM components are capable of performing device discovery?
FortiSIEM Windows agent
Worker
FortiSIEM Linux agent
Collector
If a performance rule is triggered repeatedly due to high CPU use, what occurs in the incident table?
A new incident is created each time the rule is triggered, and the First Seen and Last Seen times are updated.
The incident status changes to Repeated and the First Seen and Last Seen times are updated.
A new incident is created based on the Rule Frequency value, and the First Seen and Last Seen times are updated
The Incident Count value increases, and the First Seen and Last Seen times update
In FortiSIEM enterprise licensing mode, if the link between the collector and the data center FortiSIEM cluster is down, what happens?
The collector drops incoming events like syslog, but stops performance collection
The collector continues performance collection of devices, but stops receiving syslog
The collector buffers events
The collector processes stop, and events are dropped
A FortiSIEM administrator wants to restrict a network administrator to running searches for only firewall devices. Under role management, which option does the FortiSIEM administrator need to configure to achieve this scenario?
CMDB Report Conditions
Data Conditions
UI Access