Cisco Data Center Solutions and Virtualization (server, storage, network)

“Do I Know This Already?” Quiz – Cisco System Logging (Syslog)

by

Virtualization
in , ,

“Do I Know This Already?” Quiz

The “Do I Know This Already?” quiz enables you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read the entire chapter. Table 21-1 lists the major headings in this chapter and their corresponding “Do I Know This Already?” quiz questions. You can find the answers in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes.”

  

Table 21-1 “Do I Know This Already?” Section-to-Question Mapping

Foundation Topics Section

Questions

Secure Firewall Logging Essentials

1

Best Practices for Logging

2

Prerequisites

3

Sending Syslog from Threat Defense

4

Sending Syslog from Management Center

5

Troubleshooting Logs

6

Caution

The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark that question as wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.

1. Which of the following keywords does not represent a severity level?

  1. ALERT
  2. AUDIT
  3. DEBUG
  4. INFO

2. Which of the following statements is false?

  1. Secure Firewall can rate-limit syslog messages based on severity levels.
  2. Secure Firewall can send syslog messages for connection events.
  3. Syslog over UDP can introduce extra overhead in a large deployment.
  4. If the TCP syslog server goes down, user traffic cannot continue through Secure Firewall.

3. What is the standard port number of the syslog protocol?

  1. UDP 514
  2. TCP 1470
  3. Both UDP 514 and TCP 1470
  4. None of these answers are correct.

4. Which of the following options can be configured in the Platform Settings policy?

  1. Adding a custom banner
  2. Setting up time synchronization
  3. Sending syslog messages
  4. All of these answers are correct.

5. Which of the following event types can be used as a constraint in a correlation rule?

  1. Discovery events
  2. Intrusion and file events
  3. Connection events
  4. All of these answers are correct.

6. What is included in the Secure Firewall troubleshooting file package?

  1. Command output
  2. Database search queries
  3. Syslogs of running processes
  4. All of these answers are correct.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *