最新的NSE 5 Network Security Analyst認證 NSE5_FSM-6.3考試題庫

問題1

What are the four categories of incidents?

A. Security, change, high risk, and low risk

B. Performance, devices, high risk, and low risk

C. Performance, availability, security, and change

D. Devices, users, high risk, and low risk

正確答案: C

說明：（僅 VCESoft 成員可見）

問題2

Refer to the exhibit.

If events are grouped by User. Source IP. and Application Category attributes in FortiSiEM. how many results will be displayed?

A. Seven results will be displayed.

B. Three results will be displayed.

C. No results will be displayed.

D. Five results will be displayed.

正確答案: D

說明：（僅 VCESoft 成員可見）

問題3

An administrator is configuring FortiSIEM to discover network devices and receive syslog from network devices. Which statement is correct?

A. Syslog configuration must be done manually on devices by the network administrator.

B. FortiSIEM uses privileged credentials to tog in to devices and make network configuration changes.

C. FortiSIEM automatically configures network devices to send syslog using the GUI discovery process

D. FortiSIEM automatically configures network devices to send syslog using the auto log discovery process.

正確答案: A

說明：（僅 VCESoft 成員可見）

問題4

If a performance rule is triggered repeatedly due to high CPU use, what occurs in the incident table?

A. The incident status changes to Repeated, and the First Seen and Last Seen times are updated.

B. A new incident is created based on the Rule Frequency value, and the First Seen and Last Seen times ate updated.

C. The Incident Count value increases, and the First Seen and Last Seen times update.

D. A now incident is created each time the rule is triggered. and the First Seen and Last Seen times are updated.

正確答案: C

說明：（僅 VCESoft 成員可見）

問題5

An administrator defines SMTP as a critical process on a Linux server.
It the SMTP process is stopped. FortiSIEM will generate a critical event with which event type?

A. PH_DEV_MON_PROC_STOP

B. PH_DEV_MON_SMTP_STOP

C. Postfix-Mail-Stop

D. Generic_SMTP_Procoss_Exit

正確答案: A

說明：（僅 VCESoft 成員可見）

問題6

Refer to the exhibit.

A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?

A. LDAP start TLS

B. LDAPS

C. TELNET

D. WMI

正確答案: D

說明：（僅 VCESoft 成員可見）

問題7

Which statement about global thresholds and per device thresholds is true?

A. FortiSIEM uses global thresholds for all performance metrics.

B. FortiSIEM uses global and per device thresholds tor all performance metrics.

C. FortiSIEM uses fixed hardcoded thresholds for all performance metrics.

D. FortiSIEM uses global thresholds for all security metrics.

正確答案: B

說明：（僅 VCESoft 成員可見）

最新的Fortinet NSE 5 - FortiSIEM 6.3 - NSE5_FSM-6.3免費考試真題

最新更新

站內鏈接

聯系我們