Exam CV0-003 topic 1 question 236 discussion

Actual exam question from CompTIA's CV0-003
Question #: 236
Topic #: 1

A cloud administrator is configuring several security appliances hosted in the private IaaS environment to forward the logs to a central log aggregation solution using syslog. Which of the following firewall rules should the administrator add to allow the web servers to connect to the central log collector?

  • A. Allow UDP 161 outbound from the web servers to the log collector
  • B. Allow TCP 514 outbound from the web servers to the log collector
  • C. Allow UDP 161 inbound from the log collector to the web servers
  • D. Allow TCP 514 inbound from the log collector to the web servers
Suggested Answer: B

Comments

Pongsathorn
10 months, 4 weeks ago
Selected Answer: B
For sending syslog data from the web servers to the central log collector, you should typically use UDP port 514. Syslog commonly uses UDP as the transport protocol. So, you should allow outbound traffic from the web servers on UDP port 514 to the central log collector. The correct answer is: B. Allow TCP 514 outbound from the web servers to the log collector. Please note that while UDP is more common for syslog, there are situations where TCP may be used, especially for reliable and secure log transmission. However, UDP 514 is the traditional syslog port for non-secure syslog messages. If you are using TCP, you would need to specify it in your syslog configuration.
upvoted 3 times
...
BeauChateau
1 year, 3 months ago
Selected Answer: B
The correct answer is B. Syslog uses port 514 for communication, and the web servers are sending logs to the central log collector. Therefore, the firewall rule should allow outbound traffic from the web servers to the log collector on TCP port 514. A is incorrect because UDP port 161 is used by SNMP, not syslog.
upvoted 2 times
...
beamage
1 year, 6 months ago
The default protocol for sending syslogs is UDP with a default port of 514. For TCP, the default port is 1468. The TCP port has only recently started being used.
upvoted 2 times
...
CapJackSparrow
1 year, 6 months ago
514 is UDP... BUT this is what I found, hope this helps someone. https://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/63884-config-asa-00.html
upvoted 1 times
...
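Added example, not part of the original discussion: a loopback sender and collector showing why the rule is written as outbound from the web servers to the collector's port. The sender opens the TCP connection from an ephemeral source port, and the only fixed port is the collector's listening port. The logger name and message are constructed, and the collector binds an ephemeral port here as an assumption, because binding the real port 514 needs root.

```python
import logging
import logging.handlers
import socket
import threading


def run_collector(srv, received):
    """Accept one sender connection; record the peer address and all bytes read."""
    conn, peer = srv.accept()
    with conn:
        data = b""
        while chunk := conn.recv(4096):
            data += chunk
    received["peer"], received["data"] = peer, data


def forward_one_message(msg):
    """Send one syslog line over TCP to a local stand-in collector."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # stand-in for the collector's port 514
    srv.listen(1)
    collector_port = srv.getsockname()[1]
    received = {}
    t = threading.Thread(target=run_collector, args=(srv, received))
    t.start()

    # The web server side: SOCK_STREAM selects TCP (the default is UDP).
    handler = logging.handlers.SysLogHandler(
        address=("127.0.0.1", collector_port), socktype=socket.SOCK_STREAM)
    sender_port = handler.socket.getsockname()[1]   # ephemeral source port
    log = logging.getLogger("added-example-web01")  # constructed name
    log.setLevel(logging.INFO)
    log.propagate = False
    log.addHandler(handler)
    log.info(msg)
    log.removeHandler(handler)
    handler.close()                 # closing the socket ends the collector read
    t.join(timeout=5)
    srv.close()
    return {"collector_port": collector_port, "sender_port": sender_port,
            "peer_port": received["peer"][1], "data": received["data"]}


if __name__ == "__main__":
    r = forward_one_message("constructed sample: GET /index.html 200")
    print("sender source port :", r["sender_port"])
    print("collector dest port:", r["collector_port"])
    print("bytes on the wire  :", r["data"])
```

The firewall rule therefore matches on destination port and direction (web server to collector), not on the sender's source port, which changes per connection.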