Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Fortinet Exam NSE5_FSM-6.3 Topic 3 Question 25 Discussion

Actual exam question for Fortinet's NSE5_FSM-6.3 exam
Question #: 25
Topic #: 3
[All NSE5_FSM-6.3 Questions]

If a performance rule is triggered repeatedly due to high CPU use, what occurs in the incident table?

Show Suggested Answer Hide Answer
Suggested Answer: C

Incident Management in FortiSIEM: FortiSIEM tracks incidents and their occurrences to help administrators manage and respond to recurring issues.

Performance Rule Triggering: When a performance rule, such as one for high CPU usage, is repeatedly triggered, FortiSIEM updates the corresponding incident rather than creating a new one each time.

Incident Table Updates:

Incident Count: The Incident Count value increases each time the rule is triggered, indicating how many times the incident has occurred.

First Seen and Last Seen Times: These timestamps are updated to reflect the first occurrence and the most recent occurrence of the incident.

Reference: FortiSIEM 6.3 User Guide, Incident Management section, explains how FortiSIEM handles recurring incidents and updates the incident table accordingly.


by Nancey at May 03, 2025, 04:14 AM

Limited Time Offer

25%

Off

Get Premium NSE5_FSM-6.3 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Tamekia
5 days ago
I think the answer is B. A new incident is created based on the Rule Frequency value.
upvoted 0 times
...
Virgie
14 days ago
Did anyone else notice how they're trying to trick us with those last seen and first seen times? Clearly, option C is the way to go. Simple and straightforward.
upvoted 0 times
...
Alaine
18 days ago
Guys, I think we're all overthinking this. The answer is clearly C. The incident count increasing is the most straightforward way to handle repeated rule triggers.
upvoted 0 times
...
Vinnie
24 days ago
Ha! Looks like someone's trying to trip us up with these options. I'm calling option A - a new incident every time the rule is triggered, that makes the most sense to me.
upvoted 0 times
Adelina
13 days ago
I think option A is correct too, it just makes sense to create a new incident each time.
upvoted 0 times
...
...
Lizbeth
28 days ago
Ooh, this is a tricky one! I'm going to go with option B. The rule frequency should determine when a new incident is created, right?
upvoted 0 times
...
Shannan
1 months ago
Hmm, I'm not too sure about this one. But I'm leaning towards option D. Seems logical that the incident status would change to Repeated if the rule is triggered repeatedly.
upvoted 0 times
Portia
16 hours ago
I think option A is correct. A new incident is created each time the rule is triggered.
upvoted 0 times
...
...
Basilia
1 months ago
I think option C is the correct answer. The Incident Count value should increase with each repeated trigger, and the First Seen and Last Seen times should update accordingly.
upvoted 0 times
Tula
14 days ago
I think option C is the correct answer.
upvoted 0 times
...
...
Brinda
1 months ago
But wouldn't it make more sense for a new incident to be created each time?
upvoted 0 times
...
Yen
1 months ago
I disagree, I believe the answer is C. The Incident Count value increases.
upvoted 0 times
...
Brinda
2 months ago
I think the answer is A. A new incident is created each time the rule is triggered.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77