Practice Free NSE5_FSM-6.3 Exam Online Questions
An administrator is configuring FortiSIEM to discover network devices and receive syslog from network devices.
Which statement is correct?
- A . FortiSIEM uses privileged credentials to log in to devices and make network configuration changes.
- B . FortiSIEM automatically configures network devices to send syslog using the auto log discovery process.
- C . FortiSIEM automatically configures network devices to send syslog using the GUI discovery process.
- D . Syslog configuration must be done manually on devices by the network administrator.
Which discovery scan type is prone to miss a device if the device is quiet and the entry for that device is not present in the ARP table of adjacent devices?
- A . CMDB scan
- B . L2 scan
- C . Range scan
- D . Smart scan
In the advanced analytical rules engine in FortiSIEM, multiple subpatterns can be referenced using which three operations? (Choose three.)
- A . ELSE
- B . NOT
- C . FOLLOWED_BY
- D . OR
- E . AND
Refer to the exhibit.
What does the pause icon indicate?
- A . Data collection is paused after the intervals shown for metrics.
- B . Data collection has not started.
- C . Data collection execution failed because the device is not reachable.
- D . Data collection is paused due to an issue, such as a change of password.
Refer to the exhibit.
If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how many results will be displayed?
- A . Seven results will be displayed.
- B . Three results will be displayed.
- C . Unique attribute cannot be grouped.
- D . Five results will be displayed.
If the reported packet loss is between 50% and 98%, which status is assigned to the device in the Availability column of the summary dashboard?
- A . Up status is assigned because of received packets.
- B . Critical status is assigned because of reduction in number of packets received.
- C . Degraded status is assigned because of packet loss.
- D . Down status is assigned because of packet loss.
Refer to the exhibit.
An administrator is investigating a FortiSIEM license issue.
The procedure is for which offline licensing condition?
- A . The procedure is for offline license debug.
- B . The procedure is for offline license registration.
- C . The procedure is for offline license validation.
- D . The procedure is for offline license verification.
What does the Frequency field determine on a rule?
- A . How often the rule will evaluate the subpattern.
- B . How often the rule will trigger for the same condition.
- C . How often the rule will trigger.
- D . How often the rule will take a clear action.
Which process converts raw log data to structured data?
- A . Data classification
- B . Data validation
- C . Data parsing
- D . Data enrichment