EC-Council

312-49 Question #520: Real Exam Question with Answer & Explanation

The correct answer is D: A packet matching the log criteria for the given access list has been detected (TCP or UDP).

Submitted by satoshi_tk · Apr 18, 2026 · Network Forensics

Question

What does the part of the log, "% SEC-6-IPACCESSLOGP", extracted from a Cisco router represent?

Options

  • A. The system was not able to process the packet because there was not enough room for all of the
  • B. Immediate action required messages
  • C. Some packet-matching logs were missed because the access list log messages were rate limited,
  • D. A packet matching the log criteria for the given access list has been detected (TCP or UDP)

Explanation

Cisco IOS syslog messages follow the format: %FACILITY-SEVERITY-MNEMONIC. Here, SEC = Security facility, 6 = Severity level 6 (Informational), and IPACCESSLOGP = the message mnemonic. The 'P' in IPACCESSLOGP specifically indicates the log was triggered by a TCP or UDP packet (protocols with port numbers) that matched an ACL entry configured with the 'log' keyword. IPACCESSLOG (no P) is for ICMP, and IPACCESSLOGRP is for rate-limiting notifications. Severity 6 is informational, not an immediate action message (which would be severity 1 or 2).

Topics

#Cisco logging · #Log message interpretation · #Network security logs · #Access control lists (ACLs)
