Fortinet NSE5_FSM-5.2 - NSE 5 - FortiSIEM 5.2 Exam
Total 38 questions
Question #6 (Topic: Exam A)
What protocol can be used to collect Windows event logs in an agentless method?
A. SSH
B. SNMP
C. WMI
D. SMTP
Answer: C
Question #7 (Topic: Exam A)
Refer to the exhibit.

If events are grouped by Event Receive Time, Reporting IP, and User attributes in FortiSIEM, how many results will be displayed?
A. Eight results will be displayed.
B. Four results will be displayed.
C. Two results will be displayed.
D. Unique attributes cannot be grouped.
Answer: D
Question #8 (Topic: Exam A)
Which protocol is almost always required for the FortiSIEM GUI discovery process?
A. SNMP
B. WMI
C. Syslog
D. Telnet
Answer: A
Question #9 (Topic: Exam A)
To determine SNMP discovery issues, which is the best command from the backend?
A. snmpwalk
B. phSNMPTest
C. snmptest
D. ssh
Answer: A
Question #10 (Topic: Exam A)
An administrator defines SMTP as a critical process on a Linux server. If the SMTP process is stopped, FortiSIEM would generate a critical event with which event type?
A. PH_DEV_MON_PROC_STOP
B. Postfix-Mail-Stop
C. Generic_SMTP_Process_Exit
D. PH_DEV_MON_SMTP_STOP
Answer: D