Passleader offers a free demo for the NSE5_FSM-5.2 exam. "Fortinet NSE 5 - FortiSIEM 5.2", also known as the NSE5_FSM-5.2 exam, is a Fortinet certification. This set of posts, Passing the Fortinet NSE5_FSM-5.2 exam, will help you answer those questions. The NSE5_FSM-5.2 Questions & Answers cover all the knowledge points of the real exam. 100% real Fortinet NSE5_FSM-5.2 exams, revised by experts!

Online NSE5_FSM-5.2 free questions and answers of New Version:

NEW QUESTION 1
What is the best discovery scan option for a network environment where ping is disabled on all network devices?

  • A. Smart scan
  • B. Range scan
  • C. CMDB scan
  • D. L2 scan

Answer: A

NEW QUESTION 2
What are the four possible incident status values?

  • A. Active, closed, cleared, open
  • B. Active, cleared, cleared manually, system cleared
  • C. Active, closed, manual, resolved
  • D. Active, auto cleared, manual, false positive

Answer: C

NEW QUESTION 3
What is a prerequisite for FortiSIEM Linux agent installation?

  • A. The web server must be installed on the Linux server being monitored
  • B. The auditd service must be installed on the Linux server being monitored
  • C. The Linux agent manager server must be installed.
  • D. Both the web server and the audit service must be installed on the Linux server being monitored

Answer: D

NEW QUESTION 4
A FortiSIEM supervisor at headquarters is struggling to keep up with an increase of EPS (Events Per Second) being reported across the enterprise. What components should an administrator consider deploying to assist the supervisor with processing data?

  • A. Supervisor
  • B. Worker
  • C. Collector
  • D. Agent

Answer: B

NEW QUESTION 5
What protocol can be used to collect Windows event logs in an agentless method?

  • A. SSH
  • B. SNMP
  • C. WMI
  • D. SMTP

Answer: C

NEW QUESTION 6
What operating system is FortiSIEM based on?

  • A. CentOS
  • B. Microsoft Windows
  • C. RedHat
  • D. Ubuntu

Answer: A

NEW QUESTION 7
Device discovery information is stored in which database?

  • A. CMDB
  • B. Profile DB
  • C. Event DB
  • D. SVN DB

Answer: A

NEW QUESTION 8
An administrator defines SMTP as a critical process on a Linux server. If the SMTP process is stopped, FortiSIEM would generate a critical event with which event type?

  • A. PH_DEV_MON_PROC_STOP
  • B. Postfix-Mail-Slop
  • C. Generic_SMTP_Process_Exit
  • D. PH_DEV_MON_SMTP_STOP

Answer: A

NEW QUESTION 9
Which protocol is almost always required for the FortiSIEM GUI discovery process?

  • A. SNMP
  • B. WMI
  • C. Syslog
  • D. Telnet

Answer: A

NEW QUESTION 10
Refer to the exhibit.
A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server.
Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?

  • A. TELNET
  • B. WMI
  • C. LDAPS
  • D. LDAP start TLS

Answer: A

NEW QUESTION 11
Refer to the exhibit.
If events are grouped by Event Receive Time, Reporting IP, and User attributes in FortiSIEM, how many results will be displayed?

  • A. Eight results will be displayed
  • B. Four results will be displayed
  • C. Two results will be displayed
  • D. Unique attributes cannot be grouped

Answer: D

NEW QUESTION 12
Refer to the exhibit.
What do the yellow stars listed in the Monitor column indicate?

  • A. A yellow star indicates that a metric was applied during discovery, and data has been collected successfully
  • B. A yellow star indicates that a metric was applied during discovery, but data collection has not started
  • C. A yellow star indicates that a metric was applied during discovery, but FortiSIEM is unable to collect data.
  • D. A yellow star indicates that a metric was not applied during discovery and, therefore, FortiSIEM was unable to collect data.

Answer: B

NEW QUESTION 13
Which discovery scan type is prone to miss a device if the device is quiet and the entry for that device is not present in the ARP table of adjacent devices?

  • A. CMDB scan
  • B. L2 scan
  • C. Range scan
  • D. Smart scan

Answer: D
