● NSE 5 - FortiSIEM 6.3 Exam Materials
Please note that the exam "NSE 5 - FortiSIEM 6.3 Exam" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we have opened it for free viewing.
It has been replaced by the exam "NSE 6 - FortiSIEM 7.2 Analyst Exam".
The new exam version is available on Brave-Dumps and can be purchased.
Question #31
Question #32
A FortiSIEM administrator wants to restrict a network administrator to running searches for only firewall devices. Under role management, which option does the FortiSIEM administrator need to configure to achieve this scenario?
(Choose one answer)
- A. UI Access
- B. CMDB Report Conditions
- C. Data Conditions
- D. Device Group Restrictions
Question #33
Why would this search return no events?
Attribute: Reporting IP Operator: = Value: 1.1.1.1
Next: AND Attribute: Reporting IP Operator: = Value: 2.2.2.2
(Choose one answer)
- A. The wrong option is selected in the Operator Column
- B. Invalid IP Subnet
- C. Parenthesis is missing
- D. Wrong Boolean operator
Question #34
What are two tasks that you must do to make a secondary FortiSIEM device ready for disaster recovery? (Choose two answers)
- A. Configure the replication of license and license entitlements.
- B. Configure the replication of FortiSIEM certificates.
- C. Configure the replication of CMDB database.
- D. Configure the replication of profile data.
Question #35
Which two export methods are available for FortiSIEM analytics results? (Choose two answers)
- A. CSV
- B. PNG
- C. PDF
- D. HTML
Question #36
An administrator is investigating the slow performance of a FortiSIEM device.
Which command provides information about the CPU usage of FortiSIEM processes, disk usage, and EPS?
(Choose one answer)
- A. ./phxctl --all
- B. ./phnfsstat
- C. ./phtools -a
- D. ./phstatus -a
Question #37
How is a subpattern for a rule defined? (Choose one answer)
- A. Filters, Aggregation, Group By definitions
- B. Filters, Threshold, Time Windows definitions
- C. Filters, Group By definitions, Threshold
- D. Filters, Aggregation, Time Windows definitions
Question #38
A FortiSIEM is continuously receiving syslog events from a FortiGate firewall. The FortiSIEM administrator is trying to search the raw event logs for the last two hours that contain the keyword tcp. However, the administrator is getting no results from the search.
Based on the selected filters shown in the exhibit, why are there no search results?
(Choose one answer)
- A. The keyword is case sensitive. Instead of typing TCP in the Value field, the administrator should type tcp.
- B. The administrator selected AND in the Next drop-down list. This is the wrong boolean operator.
- C. The administrator selected - in the Operator column. That is the wrong operator.
- D. In the Time section, the administrator selected the Relative Last option, and in the drop-down lists, selected 2 and Hours as the time period. The time period should be 24 hours.
Question #39
Which statement best describes auto-log discovery? (Choose one answer)
- A. When SMTP is used a range scan discovery
- B. When a syslog-relay is used to deliver logs to the FortiSIEM report server
- C. When a syslog is sent from a network device to FortiSIEM without performing a discovery
- D. When FortiSIEM pulls syslog from a network device to determine event types
Question #40
What does the Frequency field determine on a rule? (Choose one answer)
- A. How often the rule will trigger for the same condition.
- B. How often the rule will evaluate the subpattern
- C. How often the rule will take a clear action.
- D. How often the rule will trigger
In the CMDB page for a network device, the Configuration tab is unexpectedly empty.
Which is a possible reason? (Choose one answer)