● NSE 5 - FortiSIEM 6.3 Exam Materials

Please note that the exam "NSE 5 - FortiSIEM 6.3 Exam" is no longer offered by Fortinet and is not available for booking through Pearson VUE, so we opened it on free view,
It has been replaced by the exam "NSE 6 - FortiSIEM 7.2 Analyst Exam"

The new exam version is available on Brave-Dumps and can be purchased.

Question #41

Which incident view allows you to search and take action on incidents? (Choose one answer)

A. Overview
B. Table view
C. Risk view
D. List view

Question #42

A customer is experiencing slow performance while executing long, adhoc analytic searches.

Which FortiSIEM component can make the searches run faster? (Choose one answer)

A. Query worker
B. Event worker
C. Storage worker
D. Correlation worker

Question #43

Where must you configure rule notifications and automated remediation on FortiSIEM? (Choose one answer)

A. Notification policy
B. Notification engine
C. Email and scripting alerts
D. Response policies

Question #44

Which command displays the Linux agent status? (Choose one answer)

A. service Ao-linux-agent status
B. service fsm-linux-agent status
C. service fortisiem-linux-agent status
D. service linux-agent status

Question #45

What are the minimum memory requirements for the FortiSIEM supervisor virtual appliance, when the proprietary flat file database is used? (Choose one answer)

A. 32GB RAM
B. 24GB RAM
C. 16GB RAM
D. 64GB RAM

Question #46

What operating system is FortiSIEM based on? (Choose one answer)

A. RedHat
B. Ubuntu
C. Microsoft Windows
D. Cent OS

Question #47

Which section contain the subpattern configuration settings that determine how many matching events are needed to trigger the rule? (Choose one answer)

A. Actions
B. Aggregate
C. Filters
D. Group By

Question #48

What protocol can be used to collect Windows event logs in an agentless method? (Choose one answer)

A. SSH
B. SNMP
C. WMI
D. SMTP

Question #49

Which discovery scan type is prone to miss a device, if the device is quiet and the entry for that device is not present in the ARP table of adjacent devices? (Choose one answer)

A. Smart scan
B. Range scan
C. L2 scan
D. CMDB scan

Question #50

In the FortiSIEM CLI, which command would you use to determine whether or not syslog is being received from a network device? (Choose one answer)

A. tcpdump
B. netcat
C. phDeviceTest
D. phSyslogRecoder

● NSE 5 - FortiSIEM 6.3 Exam Materials

Which incident view allows you to search and take action on incidents? (Choose one answer)

Correct Answer: D

A customer is experiencing slow performance while executing long, adhoc analytic searches.

Which FortiSIEM component can make the searches run faster? (Choose one answer)

Correct Answer: A

Where must you configure rule notifications and automated remediation on FortiSIEM? (Choose one answer)

Correct Answer: A

Which command displays the Linux agent status? (Choose one answer)

Correct Answer: C

What are the minimum memory requirements for the FortiSIEM supervisor virtual appliance, when the proprietary flat file database is used? (Choose one answer)

Correct Answer: B

What operating system is FortiSIEM based on? (Choose one answer)

Correct Answer: D

Which section contain the subpattern configuration settings that determine how many matching events are needed to trigger the rule? (Choose one answer)

Correct Answer: B

What protocol can be used to collect Windows event logs in an agentless method? (Choose one answer)

Correct Answer: C

Which discovery scan type is prone to miss a device, if the device is quiet and the entry for that device is not present in the ARP table of adjacent devices? (Choose one answer)

Correct Answer: A

In the FortiSIEM CLI, which command would you use to determine whether or not syslog is being received from a network device? (Choose one answer)

Correct Answer: A

● NSE 5 - FortiSIEM 6.3 Exam Materials

Which incident view allows you to search and take action on incidents? (Choose one answer)

Correct Answer: D

A customer is experiencing slow performance while executing long, adhoc analytic searches. Which FortiSIEM component can make the searches run faster? (Choose one answer)

Correct Answer: A

Where must you configure rule notifications and automated remediation on FortiSIEM? (Choose one answer)

Correct Answer: A

Which command displays the Linux agent status? (Choose one answer)

Correct Answer: C

What are the minimum memory requirements for the FortiSIEM supervisor virtual appliance, when the proprietary flat file database is used? (Choose one answer)

Correct Answer: B

What operating system is FortiSIEM based on? (Choose one answer)

Correct Answer: D

Which section contain the subpattern configuration settings that determine how many matching events are needed to trigger the rule? (Choose one answer)

Correct Answer: B

What protocol can be used to collect Windows event logs in an agentless method? (Choose one answer)

Correct Answer: C

Which discovery scan type is prone to miss a device, if the device is quiet and the entry for that device is not present in the ARP table of adjacent devices? (Choose one answer)

Correct Answer: A

In the FortiSIEM CLI, which command would you use to determine whether or not syslog is being received from a network device? (Choose one answer)

Correct Answer: A

A customer is experiencing slow performance while executing long, adhoc analytic searches.

Which FortiSIEM component can make the searches run faster? (Choose one answer)