NSE5_FSM-6.3 V2

Refer to the exhibit. A FortiSIEM administrator wants to group some attributes for a report, but is not able to do so successfully. As shown in the exhibit, why are some of the fields highlighted in red?A . Unique attributes cannot be grouped.B . The Event Receive Time attribute is...

When configuring collectors located in geographically separated sites, what ports must be open on a front end firewall?A . HTTPS, from the collector to the worker upload settings address onlyB . HTTPS, from the collector to the supervisor and worker upload settings addressesC . HTTPS, from the Internet to the...

An administrator defines SMTP as a critical process on a Linux server. It the SMTP process is stopped. FortiSIEM will generate a critical event with which event type?A . Postfix-Mail-StopB . PH_DEV_MON_PROC_STOPC . PH_DEV_MON_SMTP_STOPD . Generic_SMTP_Procoss_ExitView AnswerAnswer: B Explanation: Process Monitoring in FortiSIEM: FortiSIEM can monitor critical processes on managed...

An administrator is in the process of renewing a FortiSIEM license. Which two commands will provide the system ID? (Choose two.)A . phgetHWIDB . ./phLicenseTool - supportC . phgetUUIDD . ./phLicenseTool-showView AnswerAnswer: AC Explanation: License Renewal Process: When renewing a FortiSIEM license, it is essential to provide the system ID,...

IF the reported packet loss is between 50% and 98%. which status is assigned to the device in the Availability column of summary dashboard?A . Up status is assigned because of received packets.B . Critical status is assigned because of reduction in number of packets received.C . Degraded status is...

Refer to the exhibit. An administrator is investigating a FortiSIEM license issue. The procedure is for which offline licensing condition?A . The procedure is for offline license debug.B . The procedure is for offline license registration.C . The procedure is for offline license validation.D . The procedure is for offline...

FortiSIEM is deployed in disaster recovery mode. When disaster strikes, which two tasks must you perform manually to achieve a successful disaster recovery operation? (Choose two.)A . Promote the secondary workers to the primary rotes using the phSecworker2priworker command.B . Promote the secondary supervisor to the primary role using the...

Refer to the exhibit. Which section contains the sortings that determine how many incidents are created?A . ActionsB . Group ByC . AggregateD . FiltersView AnswerAnswer: C Explanation: Incident Creation in FortiSIEM: Incidents in FortiSIEM are created based on specific patterns and conditions defined within the system. Group By Function:...

An administrator is configuring FortiSIEM to discover network devices and receive syslog from network devices. Which statement is correct?A . FortiSIEM uses privileged credentials to tog in to devices and make network configuration changes.B . FortiSIEM automatically configures network devices to send syslog using the auto log discovery process.C ....

Refer to the exhibit. What does the pauso icon indicate?A . Data collection is paused after the intervals shown for metrics.B . Data collection has not started.C . Data collection execution failed because the device is not reachable.D . Data collection is paused duo to an issue, such as a...