NSE 5 – FortiSIEM 5.2 — Question 12

An administrator defines SMTP as a critical process on a Linux server. If the SMTP process is stopped, FortiSIEM would generate a critical event with which event type?

Answer options

• A. PH_DEV_MON_PROC_STOP
• B. Postfix-Mail-Stop
• C. Generic_SMTP_Process_Exit
• D. PH_DEV_MON_SMTP_STOP

Correct answer: A

Explanation

The correct answer, A. PH_DEV_MON_PROC_STOP, indicates a general process stop event that FortiSIEM recognizes as critical. The other options, while related to the SMTP service, do not represent the specific event type generated for a halted process as defined by the FortiSIEM monitoring system.