ExamGecko
Search Search Login
Home Home / Fortinet / NSE5_FSM-6.3
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

An administrator is using SNMP and WMI credentials to discover a Windows device. How will the WMI method handle this?
Refer to the exhibit. A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?
Which command displays the Linux agent status?
What are the four possible incident status values?
Refer to the exhibit. If events are grouped by Reporting IP, Event Type, and user attributes in FortiSIEM, how ,many results will be displayed?
In the rules engine, which condition instructs FortiSIEM to summarize and count the matching evaluated data?
Where do you configure rule notifications and automated remediation on FortiSIEM?
What are the four categories of incidents?
IF the reported packet loss is between 50% and 98%. which status is assigned to the device in the Availability column of summary dashboard?
Refer to the exhibit. Which value will FortiSIEM use to populate the Event Type field?

Question 42 - NSE5_FSM-6.3 discussion

Report
Export

Refer to the exhibit.

A FortiSIEM is continuously receiving syslog events from a FortiGate firewall The FortiSlfcM administrator is trying to search the raw event logs for the last two hours that contain the keyword tcp . However, the administrator is getting no results from the search.

Based on the selected filters shown in the exhibit, why are there no search results?

A.
The keyword is case sensitive Instead of typing TCP in the Value field. the administrator should type tcp.
Answers
A.
The keyword is case sensitive Instead of typing TCP in the Value field. the administrator should type tcp.
B.
In the Time section, the administrator selected the Relative Last option, and in the drop-down lists, selected 2 and Hours as the lime period The time period should be 24 hours.
Answers
B.
In the Time section, the administrator selected the Relative Last option, and in the drop-down lists, selected 2 and Hours as the lime period The time period should be 24 hours.
C.
The administrator selected - in the Operator column That a the wrong operator.
Answers
C.
The administrator selected - in the Operator column That a the wrong operator.
D.
The administrator selected AND in the Next drop-down list. This is the wrong boolean operator.
Answers
D.
The administrator selected AND in the Next drop-down list. This is the wrong boolean operator.
Suggested answer: A

Explanation:

Case Sensitivity in Searches: In FortiSIEM, search queries, including those for raw event logs, are case sensitive. This means that keywords must be entered exactly as they appear in the logs.

Keyword Mismatch: The exhibit shows the keyword 'TCP' in the Value field. If the actual events use 'tcp' (lowercase), the search will return no results because of the case mismatch.

Correct Keyword: To match the keyword correctly, the administrator should enter 'tcp' in the Value field.

Reference: FortiSIEM 6.3 User Guide, Search and Filtering section, which discusses the importance of case sensitivity in search queries.

Show Answer
asked 18/09/2024
john ignacio echavarria lopez
33 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms