Which approach is intended to prevent exploits that target syslog?
- Use a Linux-based server.
- Use syslog-ng.
- Create an ACL that permits only TCP traffic to the syslog server.
- Use a VPN between a syslog client and the syslog server.
Explanation: Hackers may try to block clients from sending data to the syslog server, manipulate or erase logged data, or manipulate the software used to transmit messages between the clients and the server. Syslog-ng is the next generation of syslog and it contains improvements to prevent some of the exploits.
Exam with this question: Modules 24 - 25: Protocols and Log Files Group Exam Exam with this question: CCNA Cyber Ops Practice Final Exam Answers
Please login or Register to submit your answer