Fortinet Exam NSE5_FSM-6.3 Topic 2 Question 13 Discussion

Actual exam question for Fortinet's NSE5_FSM-6.3 exam
Question #: 13
Topic #: 2

Refer to the exhibit.

A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server.

Which protocol should the administrator select in the Access Protocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?

Suggested Answer: B

Collecting SIEM and PAM Events: To collect both SIEM event logs and Performance and Availability Monitoring (PAM) events from a Microsoft Windows server, a suitable protocol must be selected.

WMI Protocol: Windows Management Instrumentation (WMI) is the appropriate protocol for this task.

SIEM Event Logs: WMI can collect security, application, and system logs from Windows devices.

PAM Events: WMI can also gather performance metrics, such as CPU usage, memory utilization, and disk activity.

Comprehensive Data Collection: Using WMI ensures that both types of data are collected efficiently from the Windows server.

Reference: FortiSIEM 6.3 User Guide, Data Collection Methods section, which details the use of WMI for collecting various types of logs and performance metrics.


Contribute your Thoughts:

Martina
2 months ago
B) WMI, no doubt. Unless the admin is feeling particularly adventurous and wants to try out the 'Windows Carrier Pigeon Protocol' (patent pending).
upvoted 0 times
...
Cammy
2 months ago
Hmm, let's see. TELNET? Nah, that's so old-school. LDAPS? Maybe, but it's more for authentication than event collection. I'm gonna go with B) WMI. Gotta love that Windows management goodness!
upvoted 0 times
...
Bethanie
2 months ago
I'm pretty sure it's B) WMI. I mean, what else would you use to gather all that juicy Windows data? Carrier pigeons?
upvoted 0 times
Hailey
1 month ago
Yep, WMI is the protocol you need for that kind of data collection.
upvoted 0 times
...
Launa
1 month ago
Definitely, WMI is the best choice for gathering Windows data.
upvoted 0 times
...
Taryn
1 month ago
I agree, B) WMI is the way to go for collecting both SIEM and PAM events.
upvoted 0 times
...
...
Jade
2 months ago
I'm not sure, but I think LDAPS could also be a good option for this scenario.
upvoted 0 times
...
Maryln
3 months ago
Well, the answer is clearly B) WMI. That's the protocol that allows FortiSIEM to collect both SIEM and PAM events from a Windows server. Piece of cake!
upvoted 0 times
Annelle
1 month ago
Good choice, WMI is the way to go for that scenario.
upvoted 0 times
...
Rosann
1 month ago
Great, thanks for confirming. I'll go with WMI then.
upvoted 0 times
...
Tanja
2 months ago
Yes, you're right. WMI is the protocol for collecting both SIEM and PAM events.
upvoted 0 times
...
Viola
2 months ago
I think the answer is B) WMI.
upvoted 0 times
...
...
Junita
3 months ago
I agree with Camellia, WMI is the right choice for collecting both SIEM and PAM events.
upvoted 0 times
...
Camellia
3 months ago
I think the correct protocol is WMI.
upvoted 0 times
...
