Fortinet Exam NSE5_FSM-6.3 Topic 3 Question 25 Discussion

Actual exam question for Fortinet's NSE5_FSM-6.3 exam

Question #: 25
Topic #: 3

[All NSE5_FSM-6.3 Questions]

If a performance rule is triggered repeatedly due to high CPU use, what occurs in the incident table?

AA now incident is created each time the rule is triggered. and the First Seen and Last Seen times are updated.

BA new incident is created based on the Rule Frequency value, and the First Seen and Last Seen times ate updated.

CThe Incident Count value increases, and the First Seen and Last Seen times update.

DThe incident status changes to Repeated, and the First Seen and Last Seen times are updated.

Show Suggested Answer

Suggested Answer: C

Incident Management in FortiSIEM: FortiSIEM tracks incidents and their occurrences to help administrators manage and respond to recurring issues.

Performance Rule Triggering: When a performance rule, such as one for high CPU usage, is repeatedly triggered, FortiSIEM updates the corresponding incident rather than creating a new one each time.

Incident Table Updates:

Incident Count: The Incident Count value increases each time the rule is triggered, indicating how many times the incident has occurred.

First Seen and Last Seen Times: These timestamps are updated to reflect the first occurrence and the most recent occurrence of the incident.

Reference: FortiSIEM 6.3 User Guide, Incident Management section, explains how FortiSIEM handles recurring incidents and updates the incident table accordingly.

by Nancey at May 03, 2025, 04:14 AM

Limited Time Offer

25%

1 months ago

I think the answer is A. A new incident is created each time the rule is triggered.

upvoted 0 times

...