Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

sncf 300-710 2022 > Chapter 21. System Logging (Syslog) > Flashcards

Chapter 21. System Logging (Syslog) Flashcards

1
Q
  1. Which of the following keywords does not represent a severity level?

A. ALERT

B. AUDIT

C. DEBUG

D. INFO

A

B. The AUDIT keyword is used as a facility level to represent the audit subsystem.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q
  1. Which of the following statements is false?

A. Secure Firewall can rate-limit syslog messages based on severity levels.

B. Secure Firewall can send syslog messages for connection events.

C. Syslog over UDP can introduce extra overhead in a large deployment.

D. If the TCP syslog server goes down, user traffic cannot continue through Secure Firewall.

A

C. Syslog over TCP can introduce extra overhead in a large deployment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  1. What is the standard port number of the syslog protocol?

A. UDP 514

B. TCP 1470

C. Both UDP 514 and TCP 1470

D. None of these answers are correct.

A

C. Syslog messages can be sent over both UDP and TCP. The default ports are UDP 514 and TCP 1470.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q
  1. Which of the following options can be configured in the Platform Settings policy?

A. Adding a custom banner

B. Setting up time synchronization

C. Sending syslog messages

D. All of these answers are correct.

A

D. All of these answers are correct. Using platform settings, you can add a custom banner to appear during threat defense login; allow the hosts that can communicate with the threat defense over SSH, HTTPS, and ICMP protocols; define how the threat defense will synchronize time with its management center or an NTP server; provide health monitoring status over Simple Network Management Protocol (SNMP); send security events and system messages to an external syslog server; and many more.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q
  1. Which of the following event types can be used as a constraint in a correlation rule?

A. Discovery events

B. Intrusion and file events

C. Connection events

D. All of these answers are correct.

A

D. All of these answers are correct. You can create a correlation rule based on discovery events, intrusion events, file events, connection events, and many other constraints.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q
  1. What is included in the Secure Firewall troubleshooting file package?

A. Command output

B. Database search queries

C. Syslogs of running processes

D. All of these answers are correct.

A

D. All of these answers are correct. The troubleshooting file package contains log messages of various system processes, copies of configuration files, results of database queries, various command outputs, and so on.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

sncf 300-710 2022 (21 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions