[February 2022] Updated Fortinet NSE5_FSM-5.2 exam basic questions with answers [Q11-Q33]


Latest 2022 real Fortinet NSE5_FSM-5.2 exam questions with answers

Question 11
Refer to the exhibit.

Three events are collected over a 10-minute time period from two servers, Server A and Server B.
Based on the settings being used for the rule subpattern, how many incidents will the servers generate?

  • A. Server A will generate one incident and Server B will generate one incident
  • B. Server A will not generate any incidents and Server B will not generate any incidents
  • C. Server A will generate one incident and Server B will not generate any incidents
  • D. Server B will generate one incident and Server A will not generate any incidents

Correct answer: B

 

Question 12
A FortiSIEM administrator wants to restrict a network administrator to running searches for firewall devices only. Under role management, which option does the FortiSIEM administrator need to configure to achieve this?

  • A. UI Access
  • B. Data Conditions
  • C. CMDB Report Conditions

Correct answer: B

 

Question 13
Which database is used for storing anomaly data that is calculated for different parameters, such as running averages and standard deviation values for traffic and device resource usage?

  • A. Event DB
  • B. SVN DB
  • C. Profile DB
  • D. CMDB

Correct answer: C

 

Question 14
Refer to the exhibit.

How was the FortiGate device discovered by FortiSIEM?

  • A. Using the pull events method
  • B. Through GUI log discovery
  • C. Through syslog discovery
  • D. Through auto log discovery

Correct answer: B

 

Question 15
If the reported packet loss is between 50% and 98%, which status is assigned to the device in the Availability column of the summary dashboard?

  • A. Degraded status is assigned because of packet loss
  • B. Critical status is assigned because of reduction in number of packets received
  • C. Down status is assigned because of packet loss.
  • D. Up status is assigned because of received packets

Correct answer: A

 

Question 16
Refer to the exhibit.

If events are grouped by the Reporting IP, Event Type, and User attributes in FortiSIEM, how many results will be displayed?

  • A. Five results will be displayed.
  • B. Seven results will be displayed.
  • C. Three results will be displayed.
  • D. Unique attributes cannot be grouped.

Correct answer: A

 

Question 17
Which item is required to register a FortiSIEM appliance license?

  • A. Static IP address
  • B. Static storage
  • C. Static MAC address
  • D. Static Hardware ID

Correct answer: D

 

Question 18
If an incident's status is Cleared, what does this mean?

  • A. Two hours have passed since the incident occurred and the incident has not reoccurred.
  • B. A security rule issue has been resolved.
  • C. A clear condition set on a rule was satisfied.
  • D. The incident was cleared by an operator.

Correct answer: A

 

Question 19
Refer to the exhibit.

A FortiSIEM administrator wants to group some attributes for a report, but is not able to do so successfully.
As shown in the exhibit, why are some of the fields highlighted in red?

  • A. Unique attributes cannot be grouped.
  • B. The attribute COUNT(Matched event) is an invalid expression.
  • C. No RAW Event Log attribute is available for devices.
  • D. The Event Receive Time attribute is not available for logs.

Correct answer: A

 

Question 20
Refer to the exhibit.

The FortiSIEM administrator is examining events for two devices to investigate an issue. However, the administrator is not getting any results from their search.
Based on the selected filters shown in the exhibit, why is the search returning no results?

  • A. An invalid IP subnet is typed in the Value column
  • B. Parenthesis are missing
  • C. The wrong boolean operator is selected in the Next column
  • D. The wrong option is selected in the Operator column

Correct answer: A

 

Question 21
To troubleshoot SNMP discovery issues, which is the best command to run from the backend?

  • A. snmptest
  • B. phSNMPTest
  • C. snmpwalk
  • D. ssh

Correct answer: C

 

Question 22
Which protocol is almost always required for the FortiSIEM GUI discovery process?

  • A. SNMP
  • B. WMI
  • C. Syslog
  • D. Telnet

Correct answer: A

 

Question 24
Which three ports can be used to send syslog to FortiSIEM? (Choose three.)

  • A. UDP 514
  • B. UDP 9999
  • C. TCP 514
  • D. UDP 162
  • E. TCP 1470

Correct answer: A, C, E (UDP 514, TCP 514 and TCP 1470; UDP 162 is the SNMP trap port, not a syslog port)
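As an added example (not from the original page or from Fortinet), the following Python builds a BSD-style syslog record and sends a probe to each of the three listeners named in the question. It assumes the collector address 192.0.2.10 is a placeholder and that FortiSIEM's TCP listeners expect newline-terminated records (labelled as an assumption in the code); a TCP connect failure is a quick reachability check for the collector port, while a UDP "success" only proves the datagram left the sending host.

```python
import socket
import time

# FortiSIEM syslog listeners named in the question above: UDP 514, TCP 514, TCP 1470.
# UDP 162 is SNMP trap traffic, not syslog.
FORTISIEM_SYSLOG_PORTS = {"udp": (514,), "tcp": (514, 1470)}


def build_syslog(facility: int, severity: int, hostname: str, app: str, msg: str,
                 timestamp: str = None) -> bytes:
    """Build a BSD-style (RFC 3164) syslog line: <PRI>TIMESTAMP HOST APP: MSG.
    PRI = facility * 8 + severity. The timestamp is a parameter so tests can fix it."""
    if not 0 <= facility <= 23 or not 0 <= severity <= 7:
        raise ValueError("facility must be 0..23 and severity 0..7")
    ts = timestamp or time.strftime("%b %d %H:%M:%S")
    pri = facility * 8 + severity
    return f"<{pri}>{ts} {hostname} {app}: {msg}".encode()


def frame_for_transport(payload: bytes, proto: str) -> bytes:
    """UDP carries one record per datagram. Over TCP a record must be newline-terminated,
    otherwise it sits unparsed in the collector's stream buffer until more data arrives.
    Assumption: newline framing (not RFC 6587 octet counting) is what the collector expects."""
    if proto == "udp":
        return payload
    if proto == "tcp":
        return payload if payload.endswith(b"\n") else payload + b"\n"
    raise ValueError(f"unsupported transport: {proto}")


def send_syslog(host: str, port: int, payload: bytes, proto: str = "udp",
                timeout: float = 3.0) -> int:
    """Send one syslog record to host:port over the given transport; return bytes sent."""
    data = frame_for_transport(payload, proto)
    if proto == "udp":
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.settimeout(timeout)
            return s.sendto(data, (host, port))
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(data)
        return len(data)


def send_test_messages(collector: str, hostname: str = "fgt-test") -> dict:
    """Send one probe per listed transport/port and return {"udp:514": bytes_sent_or_error, ...}.
    local7.notice (facility 23, severity 5) mirrors the <189> PRI FortiGate uses by default."""
    results = {}
    for proto, ports in FORTISIEM_SYSLOG_PORTS.items():
        for port in ports:
            msg = build_syslog(23, 5, hostname, "fortisiem-probe", f"transport check {proto}/{port}")
            try:
                results[f"{proto}:{port}"] = send_syslog(collector, port, msg, proto)
            except OSError as exc:
                results[f"{proto}:{port}"] = f"error: {exc}"
    return results


if __name__ == "__main__":
    # Assumption: 192.0.2.10 is a placeholder for the FortiSIEM collector or supervisor address.
    for target, outcome in send_test_messages("192.0.2.10").items():
        print(target, outcome)
```

Run it from the device subnet that will be sending logs, so that any firewall between the log source and the collector is exercised by the same path; a successful TCP probe that still produces no events in FortiSIEM usually points at framing or parsing rather than at the port.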

 

Question 27
Which process converts raw log data into structured data?

  • A. Data enrichment
  • B. Data classification
  • C. Data validation
  • D. Data parsing

Correct answer: D

 

Question 29
What is a prerequisite for FortiSIEM Linux agent installation?

  • A. Both the web server and the audit service must be installed on the Linux server being monitored
  • B. The auditd service must be installed on the Linux server being monitored
  • C. The web server must be installed on the Linux server being monitored
  • D. The Linux agent manager server must be installed.

Correct answer: A

 

Question 30
Refer to the exhibit.

If events are grouped by Event Receive Time, Reporting IP, and User attributes in FortiSIEM, how many results will be displayed?

  • A. Two results will be displayed
  • B. Four results will be displayed
  • C. Unique attributes cannot be grouped
  • D. Eight results will be displayed

Correct answer: C
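The parsing question (Question 27), the two grouping questions (Questions 16 and 30) and the red-highlighted "unique attribute" question (Question 19) all describe the same pipeline: raw text is parsed into named fields, and a report then groups events on those fields. The following Python is an added example, not code from the original page or from FortiSIEM. It parses constructed FortiGate-style key=value syslog lines (sample data, labelled in the code), maps them onto report attributes, and shows why grouping on a per-event attribute such as Event Receive Time collapses to one row per event. The "Event Type" naming and the set of unique attributes are illustrative assumptions, not FortiSIEM's real catalogue.

```python
import re
from collections import Counter
from typing import Dict, List, Tuple

# Constructed sample: (reporting IP = syslog sender, receive time stamped by the collector,
# raw FortiGate-style syslog line). Four events from two FortiGates; the first two differ
# only in time, so grouping by Reporting IP / Event Type / User merges them.
SAMPLE_EVENTS: List[Tuple[str, str, str]] = [
    ("10.0.0.1", "2022-02-01T10:00:01",
     '<189>date=2022-02-01 time=10:00:01 devname="FGT-A" logid="0100032001" type="event" '
     'subtype="system" logdesc="Admin login successful" user="admin" srcip=10.1.1.5 action="login" status="success"'),
    ("10.0.0.1", "2022-02-01T10:00:07",
     '<189>date=2022-02-01 time=10:00:07 devname="FGT-A" logid="0100032001" type="event" '
     'subtype="system" logdesc="Admin login successful" user="admin" srcip=10.1.1.5 action="login" status="success"'),
    ("10.0.0.1", "2022-02-01T10:00:09",
     '<189>date=2022-02-01 time=10:00:09 devname="FGT-A" logid="0100032002" type="event" '
     'subtype="system" logdesc="Admin login failed" user="bob" srcip=10.1.1.9 action="login" status="failed"'),
    ("10.0.0.2", "2022-02-01T10:01:15",
     '<189>date=2022-02-01 time=10:01:15 devname="FGT-B" logid="0100032001" type="event" '
     'subtype="system" logdesc="Admin login successful" user="admin" srcip=10.2.2.7 action="login" status="success"'),
]

PRI_RE = re.compile(r"^<(\d{1,3})>")
# key=value pairs: the value is either double-quoted (may contain spaces) or a bare token.
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Attributes that are unique per event (assumption, illustrating Questions 19 and 30):
# grouping on them yields one row per event, so the report builder rejects them.
UNIQUE_ATTRIBUTES = {"Event Receive Time", "Raw Event Log"}


def parse_fortigate_line(raw: str) -> Dict[str, str]:
    """Data parsing (Question 27): turn one raw text line into a dict of named fields."""
    fields: Dict[str, str] = {}
    body = raw
    m = PRI_RE.match(raw)
    if m:
        pri = int(m.group(1))          # <189> = facility 23 (local7) * 8 + severity 5 (notice)
        fields["facility"] = str(pri // 8)
        fields["severity"] = str(pri % 8)
        body = raw[m.end():]
    for key, quoted, bare in KV_RE.findall(body):
        fields[key] = bare if bare else quoted
    return fields


def to_structured(reporting_ip: str, recv_time: str, raw: str) -> Dict[str, str]:
    """Map parsed fields onto report attributes. The Event Type format is an assumption."""
    f = parse_fortigate_line(raw)
    return {
        "Reporting IP": reporting_ip,
        "Event Receive Time": recv_time,
        "Event Type": f"FortiGate-{f.get('type', '')}-{f.get('subtype', '')}-{f.get('logid', '')}",
        "User": f.get("user", ""),
        "Source IP": f.get("srcip", ""),
        "Raw Event Log": raw,
    }


def structured_events() -> List[Dict[str, str]]:
    return [to_structured(*e) for e in SAMPLE_EVENTS]


def unique_attributes_in(group_by: List[str]) -> List[str]:
    """Return the group-by attributes the builder would flag in red."""
    return [a for a in group_by if a in UNIQUE_ATTRIBUTES]


def group_count(events: List[Dict[str, str]], group_by: List[str],
                allow_unique: bool = False) -> List[Dict[str, object]]:
    """Group events by the given attributes and add COUNT(Matched Events) per group
    (the aggregate is written COUNT(Matched Events), as in Question 31)."""
    invalid = unique_attributes_in(group_by)
    if invalid and not allow_unique:
        raise ValueError(f"unique attributes cannot be grouped: {invalid}")
    counts = Counter(tuple(e[a] for a in group_by) for e in events)
    rows: List[Dict[str, object]] = []
    for key, n in counts.items():
        row: Dict[str, object] = dict(zip(group_by, key))
        row["COUNT(Matched Events)"] = n
        rows.append(row)
    return rows


if __name__ == "__main__":
    events = structured_events()
    for row in group_count(events, ["Reporting IP", "Event Type", "User"]):
        print(row)                       # 3 rows covering 4 events
    # allow_unique=True shows what the builder prevents: one row per event, no aggregation.
    print(len(group_count(events, ["Event Receive Time", "Reporting IP", "User"], allow_unique=True)))
```

The same parser shape (strip PRI, then key=value with quoted or bare values) covers the other FortiGate log types, since traffic and UTM logs use the same body syntax with different keys; only the attribute mapping in `to_structured` changes.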

 

Question 31
Refer to the exhibit.

An administrator is trying to identify an issue using an expression based on the Expression Builder settings shown in the exhibit; however, the error message shown in the exhibit indicates that the expression is invalid.
Which is the correct expression?

  • A. (COUNT) Matched Events
  • B. COUNT(Matched Events)
  • C. Matched Events(COUNT)
  • D. Matched Events COUNT()

Correct answer: B

 

Question 32
Refer to the exhibit.

What do the yellow stars listed in the Monitor column indicate?

  • A. A yellow star indicates that a metric was applied during discovery, but data collection has not started
  • B. A yellow star indicates that a metric was applied during discovery, but FortiSIEM is unable to collect data.
  • C. A yellow star indicates that a metric was not applied during discovery and, therefore, FortiSIEM was unable to collect data.
  • D. A yellow star indicates that a metric was applied during discovery, and data has been collected successfully

Correct answer: A

 

Question 33
......

NSE 5 Network Security Analyst NSE5_FSM-5.2 exam questions with pass guarantee: https://www.goshiken.com/Fortinet/NSE5_FSM-5.2-mondaishu.html