NSE5_FSM-5.2 Exam Question Set: Pass with the Latest Verified 2022 Exam Questions [Q13-Q30]


Genuinely updated question PDF for the NSE5_FSM-5.2 exam

Question 13
Refer to the exhibit.

An administrator is trying to identify an issue using an expression based on the Expression Builder settings shown in the exhibit; however, the error message shown in the exhibit indicates that the expression is invalid.
Which is the correct expression?

  • A. Matched Events COUNT()
  • B. (COUNT) Matched Events
  • C. Matched Events(COUNT)
  • D. COUNT(Matched Events)

Correct answer: D

 

Question 14
Which two export methods are available for FortiSIEM analytics results? (Choose two.)

  • A. HTML
  • B. CSV
  • C. PNG
  • D. PDF

Correct answer: B,D

 

Question 15
Which command displays the Linux agent status?

  • A. Service linux-agent status
  • B. Service Ao-linux-agent status
  • C. Service fsm-linux-agent status
  • D. Service fortisiem-linux-agent status

Correct answer: D

 

Question 16
Refer to the exhibit.

The FortiSIEM administrator is examining events for two devices to investigate an issue. However, the administrator is not getting any results from their search.
Based on the selected filters shown in the exhibit, why is the search returning no results?

  • A. An invalid IP subnet is typed in the Value column
  • B. The wrong boolean operator is selected in the Next column
  • C. The wrong option is selected in the Operator column
  • D. Parentheses are missing

Correct answer: B

 

Question 17
To determine whether or not syslog is being received from a network device, which is the best command from the backend?

  • A. tcpdump
  • B. phSyslogRecorder
  • C. phDeviceTest
  • D. netcat

Correct answer: A

 

Question 18
What is a prerequisite for a FortiSIEM supervisor with a worker deployment, using the proprietary flat file database?

  • A. The event database must be on a local disk
  • B. The event database must be on NFS
  • C. The CMDB database must be on NFS
  • D. The \archive mount must be on a local disk

Correct answer: B

 

Question 19
Refer to the exhibit.

If events are grouped by Event Receive Time, Reporting IP, and User attributes in FortiSIEM, how many results will be displayed?

  • A. Four results will be displayed
  • B. Unique attributes cannot be grouped
  • C. Two results will be displayed
  • D. Eight results will be displayed

Correct answer: B

 

Question 20
In the advanced analytical rules engine in FortiSIEM, multiple subpatterns can be referenced using which three operations? (Choose three.)

  • A. AND
  • B. NOT
  • C. ELSE
  • D. OR
  • E. FOLLOWED_BY

Correct answer: A,B,C

 

Question 21
Refer to the exhibit.

The FortiSIEM administrator is examining events for two devices to investigate an issue. However, the administrator is not getting any results from their search.
Based on the selected filters shown in the exhibit, why is the search returning no results?

  • A. The wrong boolean operator is selected in the Next column
  • B. The wrong option is selected in the Operator column
  • C. Parentheses are missing
  • D. An invalid IP subnet is typed in the Value column

Correct answer: D

 

Question 22
An administrator defines SMTP as a critical process on a Linux server. If the SMTP process is stopped, FortiSIEM would generate a critical event with which event type?

  • A. PH_DEV_MON_SMTP_STOP
  • B. Generic_SMTP_Process_Exit
  • C. PH_DEV_MON_PROC_STOP
  • D. Postfix-Mail-Slop

Correct answer: C

 

Question 23
What is a prerequisite for FortiSIEM Linux agent installation?

  • A. The auditd service must be installed on the Linux server being monitored
  • B. Both the web server and the audit service must be installed on the Linux server being monitored
  • C. The web server must be installed on the Linux server being monitored
  • D. The Linux agent manager server must be installed.

Correct answer: B

 

Question 24
Refer to the exhibit.

A FortiSIEM administrator wants to group some attributes for a report, but is not able to do so successfully.
As shown in the exhibit, why are some of the fields highlighted in red?

  • A. Unique attributes cannot be grouped.
  • B. The attribute COUNT(Matched event) is an invalid expression.
  • C. The Event Receive Time attribute is not available for logs.
  • D. No RAW Event Log attribute is available for devices.

Correct answer: A

 

Question 25
Refer to the exhibit.

If events are grouped by Reporting IP, Event Type, and User attributes in FortiSIEM, how many results will be displayed?

  • A. Unique attribute cannot be grouped.
  • B. Three results will be displayed.
  • C. Seven results will be displayed.
  • D. Five results will be displayed.

Correct answer: D

 

Question 26
What protocol can be used to collect Windows event logs in an agentless method?

  • A. SNMP
  • B. WMI
  • C. SMTP
  • D. SSH

Correct answer: B

 

Question 27
Which three ports can be used to send Syslogs to FortiSIEM? (Choose three.)

  • A. TCP 514
  • B. UDP 162
  • C. UDP 514
  • D. UDP 9999
  • E. TCP 1470

Correct answer: B,C,E

 

Question 28
What are the minimum memory requirements for the FortiSIEM supervisor virtual appliance, when the proprietary flat file database is used?

  • A. 64GB RAM
  • B. 24GB RAM
  • C. 32GB RAM
  • D. 16GB RAM

Correct answer: C

 

Question 29
If a performance rule is triggered repeatedly due to high CPU use, what occurs in the incident table?

  • A. The Incident Count value increases, and the First Seen and Last Seen times update
  • B. A new incident is created each time the rule is triggered, and the First Seen and Last Seen times are updated.
  • C. A new incident is created based on the Rule Frequency value, and the First Seen and Last Seen times are updated
  • D. The incident status changes to Repeated and the First Seen and Last Seen times are updated.

Correct answer: B

 

Question 30
......

Free quiz with a pass guarantee, the latest for 2022 and confirmed to appear on the actual Fortinet exam: https://www.jpntest.com/shiken/NSE5_FSM-5.2-mondaishu
