Question

You are the security analyst for a corporate network that uses Cisco routers.

You are preparing to submit a proposal to set up a centralized syslog server where all 35 routing devices will send their logs to be stored.

Which of the following is the MOST important justification for the expense of a syslog server?

When using a syslog server, only one host location needs to be known by IT workers.


A centralized server can generate alerts for all of the machines that send logs to it.


The log data is centralized and monitored in one place.


It reduces the effort IT workers have to put into reviewing logs.

Answers

Answered by GPT-5 mini
The log data is centralized and monitored in one place.

Reason: the primary value of a syslog server is collecting, retaining and correlating logs from all devices so you can search, analyze, audit and perform forensics (and meet retention/compliance) from a single repository. Alerting and reduced effort follow from that centralization, but they’re secondary benefits.
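
The cross-device correlation described in the answer above, as an added example that is not part of the original question or answer: it scans one collected log for a source address that fails logins on several routers, a pattern no single router's local log would show. The stored line layout (collector timestamp, router hostname, IOS message), the hostnames and the addresses are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample: lines as a central collector might store them
# (collector timestamp, sending router, Cisco IOS message). Hostnames and
# addresses are made up for illustration.
SAMPLE_LOG = """\
Mar  3 10:15:01 rtr-01 %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 198.51.100.7] [localport: 22] [Reason: Login Authentication Failed]
Mar  3 10:15:04 rtr-02 %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: admin] [Source: 198.51.100.7] [localport: 22] [Reason: Login Authentication Failed]
Mar  3 10:15:09 rtr-02 %SYS-5-CONFIG_I: Configured from console by netops on vty0 (10.0.0.20)
Mar  3 10:15:12 rtr-03 %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: root] [Source: 198.51.100.7] [localport: 22] [Reason: Login Authentication Failed]
Mar  3 10:16:40 rtr-01 %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: jdoe] [Source: 10.0.0.20] [localport: 22] [Reason: Login Authentication Failed]
Mar  3 10:17:02 rtr-03 %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down
"""

# <timestamp> <router> %FACILITY-SEVERITY-MNEMONIC: <message text>
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\s"
    r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>\d)-(?P<mnemonic>[A-Z0-9_]+):\s(?P<text>.*)$"
)
SOURCE_RE = re.compile(r"\[Source: (?P<src>[^\]]+)\]")


def parse(log_text):
    """Yield one dict per well-formed line; skip anything that does not parse."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()


def failed_logins_across_routers(log_text, min_routers=2):
    """Map source address -> sorted routers it failed to log in to,
    keeping only sources seen on at least min_routers devices."""
    seen = defaultdict(set)
    for rec in parse(log_text):
        if (rec["facility"], rec["mnemonic"]) != ("SEC_LOGIN", "LOGIN_FAILED"):
            continue
        src = SOURCE_RE.search(rec["text"])
        if src:
            seen[src.group("src")].add(rec["host"])
    return {ip: sorted(h) for ip, h in seen.items() if len(h) >= min_routers}


if __name__ == "__main__":
    for ip, routers in failed_logins_across_routers(SAMPLE_LOG).items():
        print(f"{ip} failed logins on {len(routers)} routers: {', '.join(routers)}")
```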