What protocol can be used to collect Windows event logs in an agentless method?
A. SSH
B. SNMP
C. WMI
D. SMTP
If the reported packet loss is between 50% and 98%, which status is assigned to the device in the Availability column of the summary dashboard?
A. Down status is assigned because of packet loss.
B. Up status is assigned because of received packets
C. Critical status is assigned because of reduction in number of packets received
D. Degraded status is assigned because of packet loss
Which FortiSIEM components are capable of performing device discovery?
A. FortiSIEM Windows agent
B. Worker
C. FortiSIEM Linux agent
D. Collector
A FortiSIEM administrator wants to restrict a network administrator to running searches for only firewall devices. Under role management, which option does the FortiSIEM administrator need to configure to achieve this scenario?
A. CMDB Report Conditions
B. Data Conditions
C. UI Access
Refer to the exhibit.

How was the FortiGate device discovered by FortiSIEM?
A. Through GUI log discovery
B. Through syslog discovery
C. Using the pull events method
D. Through auto log discovery
In the advanced analytical rules engine in FortiSIEM, multiple subpatterns can be referenced using which three operations? (Choose three.)
A. ELSE
B. NOT
C. FOLLOWED_BY
D. OR
E. AND
Refer to the exhibit.

A FortiSIEM administrator wants to collect both SIEM event logs and performance and availability metrics (PAM) events from a Microsoft Windows server.
Which protocol should the administrator select in the AccessProtocol drop-down list so that FortiSIEM will collect both SIEM and PAM events?
A. TELNET
B. WMI
C. LDAPS
D. LDAP start TLS
What is a prerequisite for a FortiSIEM supervisor with a worker deployment, using the proprietary flat file database?
A. The CMDB database must be on NFS
B. The event database must be on NFS
C. The event database must be on a local disk
D. The \archive mount must be on a local disk
Which item is required to register a FortiSIEM appliance license?
A. Static storage
B. Static MAC address
C. Static IP address
D. Static Hardware ID
Refer to the exhibit.

The FortiSIEM administrator is examining events for two devices to investigate an issue. However, the administrator is not getting any results from their search.
Based on the selected filters shown in the exhibit, why is the search returning no results?
A. Parentheses are missing
B. The wrong boolean operator is selected in the Next column
C. The wrong option is selected in the Operator column
D. An invalid IP subnet is typed in the Value column