Fortinet NSE5_FSM-6.3 - Fortinet NSE 5 - FortiSIEM 6.3 Exam
Total 31 questions
Question #1 (Topic: Exam A)
Consider the storage of anomaly baseline data that is calculated for different parameters.
Which database is used for storing this data?
A. Event DB
B. Profile DB
C. SVN DB
D. CMDB
Answer: B
Question #2 (Topic: Exam A)
Which two FortiSIEM components work together to provide real-time event correlation?
A. Supervisor and worker
B. Collector and Windows agent
C. Worker and collector
D. Supervisor and collector
Answer: A
Question #3 (Topic: Exam A)
Refer to the exhibit.

How was the FortiGate device discovered by FortiSIEM?

A. GUI log discovery
B. Syslog discovery
C. Pull events discovery
D. Auto log discovery
Answer: D
Question #4 (Topic: Exam A)
When configuring collectors located in geographically separated sites, which ports must be open on a front-end firewall?
A. HTTPS, from the collector to the worker upload settings address only
B. HTTPS, from the collector to the supervisor and worker upload settings addresses
C. HTTPS, from the Internet to the collector
D. HTTPS, from the Internet to the collector and from the collector to the FortiSIEM cluster
Answer: B
Question #5 (Topic: Exam A)
An administrator is configuring FortiSIEM to discover network devices and receive syslog from network devices.
Which statement is correct?
A. FortiSIEM uses privileged credentials to log in to devices and make network configuration changes.
B. FortiSIEM automatically configures network devices to send syslog using the auto log discovery process.
C. FortiSIEM automatically configures network devices to send syslog using the GUI discovery process.
D. Syslog configuration must be done manually on devices by the network administrator.
Answer: D