ExamGecko
Search Search Login
Home Home / Fortinet / NSE5_FSM-6.3
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is using SNMP and WMI credentials to discover a Windows device. How will the WMI method handle this?
Refer to the exhibit. A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?
Which command displays the Linux agent status?
Refer to the exhibit. If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how ,many results will be displayed?
In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?
Where do you configure rule notifications and automated remediation on FortiSIEM?
IF the reported packet loss is between 50% and 98%. which status is assigned to the device in the Availability column of summary dashboard?
An administrator is configuring FortiSIEM to discover network devices and receive syslog from network devices. Which statement is correct?
What are the four possible incident status values?
What are the four categories of incidents?

Question 30 - NSE5_FSM-6.3 discussion

Report
Export

What are the four categories of incidents?

A.
Devices, users, high risk, and low risk
Answers
A.
Devices, users, high risk, and low risk
B.
Performance, devices, high risk, and low risk
Answers
B.
Performance, devices, high risk, and low risk
C.
Performance, availability, security, and change
Answers
C.
Performance, availability, security, and change
D.
Security, change, high risk, and low risk
Answers
D.
Security, change, high risk, and low risk
Suggested answer: C

Explanation:

Incident Categories in FortiSIEM: Incidents in FortiSIEM are categorized to help administrators quickly identify and prioritize the type of issue.

Four Main Categories:

Performance: Incidents related to the performance of devices and applications, such as high CPU usage or memory utilization.

Availability: Incidents affecting the availability of services or devices, such as downtime or connectivity issues.

Security: Incidents related to security events, such as failed login attempts, malware detection, or unauthorized access.

Change: Incidents triggered by changes in the configuration or state of devices, such as new software installations or configuration modifications.

Importance of Categorization: These categories help in the efficient management and response to different types of incidents, allowing for better resource allocation and quicker resolution.

Reference: FortiSIEM 6.3 User Guide, Incident Management section, which details the different categories of incidents and their significance.

Show Answer
asked 18/09/2024
Franziska Kreuz
39 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms