nerdexam
CompTIA

CV0-003 · Question #766

A cloud administrator is configuring several security appliances hosted in the private IaaS environment to forward the logs to a central log aggregation solution using syslog. Which of the following f

The correct answer is B. Allow TCP 514 outbound from the web servers to the log collector. Syslog uses port 514 for communication, and the web servers are sending logs to the central log collector. Therefore, the firewall rule should allow outbound traffic from the web servers to the log collector on TCP port 514.

Operations

Question

A cloud administrator is configuring several security appliances hosted in the private IaaS environment to forward the logs to a central log aggregation solution using syslog. Which of the following firewall rules should the administrator add to allow the web servers to connect to the central log collector?

Options

  • AAllow UDP 161 outbound from the web servers to the log collector
  • BAllow TCP 514 outbound from the web servers to the log collector
  • CAllow UDP 161 inbound from the log collector to the web servers
  • DAllow TCP 514 inbound from the log collector to the web servers

How the community answered

(46 responses)
  • A
    2% (1)
  • B
    89% (41)
  • C
    7% (3)
  • D
    2% (1)

Explanation

Syslog uses port 514 for communication, and the web servers are sending logs to the central log collector. Therefore, the firewall rule should allow outbound traffic from the web servers to the log collector on TCP port 514.

Topics

#syslog#firewall rules#log aggregation#TCP 514

Community Discussion

No community discussion yet for this question.

Full CV0-003 Practice