ExamGecko
Search Search Login
Home Home / Fortinet / NSE5_FSM-6.3
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Refer to the exhibit. A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?
An administrator is using SNMP and WMI credentials to discover a Windows device. How will the WMI method handle this?
In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?
Where do you configure rule notifications and automated remediation on FortiSIEM?
Which command displays the Linux agent status?
What are the four possible incident status values?
Refer to the exhibit. If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how ,many results will be displayed?
What are the four categories of incidents?
IF the reported packet loss is between 50% and 98%. which status is assigned to the device in the Availability column of summary dashboard?
Refer to the exhibit. Which value will FortiSIEM use to populate the Event Type field?

Question 32 - NSE5_FSM-6.3 discussion

Report
Export

An administrator is using SNMP and WMI credentials to discover a Windows device. How will the WMI method handle this?

A.
WMI method will collect only traffic and IIS logs.
Answers
A.
WMI method will collect only traffic and IIS logs.
B.
WMI method will collect only DNS logs.
Answers
B.
WMI method will collect only DNS logs.
C.
WMI method will collect only DHCP logs.
Answers
C.
WMI method will collect only DHCP logs.
D.
WMI method will collect security, application, and system events logs.
Answers
D.
WMI method will collect security, application, and system events logs.
Suggested answer: A

Explanation:

WMI Method: Windows Management Instrumentation (WMI) is a set of specifications from Microsoft for consolidating the management of devices and applications in a network.

Log Collection: WMI is used to collect various types of logs from Windows devices.

Security Logs: Contains records of security-related events such as login attempts and resource access.

Application Logs: Contains logs generated by applications running on the system.

System Logs: Contains logs related to the operating system and its components.

Comprehensive Data Collection: By using WMI, FortiSIEM can gather a wide range of event logs that are crucial for monitoring and analyzing the security and performance of Windows devices.

Reference: FortiSIEM 6.3 User Guide, Data Collection Methods section, which details the use of WMI for collecting event logs from Windows devices.

Show Answer
asked 18/09/2024
Barry Higgins
38 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms