ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-620 All Questions

View all questions & answers for the 300-620 exam
Go to Exam

Exam 300-620 topic 1 question 295 discussion

Actual exam question from Cisco's 300-620
Question #: 295
Topic #: 1
[All 300-620 Questions]

A company is implementing a new security policy to track system access, configuration, and changes. The network engineer must enable the log collection to track user login and logout attempts. In addition, any configuration changes such as a fabric node failure must be collected in the logs. The syslog policy is configured to send logs to the company SEIM appliance.

Which two log types must be enabled to meet the security requirements? (Choose two.)

  • A. error
  • B. audit
  • C. fault
  • D. event
  • E. health
Show Suggested Answer Hide Answer
Suggested Answer: BC 🗳️
by udo2020 at Jan. 18, 2025, 2:47 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
prospio971
2 months, 3 weeks ago
Selected Answer: BC
To meet the security requirements of tracking user login/logout attempts, configuration changes, and fabric node failures, the following log types must be enabled: Audit Logs (B): Purpose: Audit logs track changes to managed objects, including configuration changes made by users or the system. This is essential for monitoring who made changes, what changes were made, and when. Relevance to the Scenario: Audit logs will capture configuration changes in the ACI fabric, such as modifications to policies or settings. Fault Logs (C): Purpose: Fault logs capture issues or failures in the ACI fabric, such as hardware faults (e.g., a fabric node failure) or misconfigurations. Relevance to the Scenario: Fault logs will record events like fabric node failures, ensuring these critical issues are logged and sent to the SIEM appliance for monitoring.
upvoted 1 times
...
udo2020
3 months, 2 weeks ago
Selected Answer: B
This is interesting question. A configuration change is not a failure and and node failure is not an event. B Audit is ok but if it's C or D it depends on the question.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago