Implementing Cisco Application Centric Infrastructure (DCACI) — Question 269

A company is implementing a new security policy to track system access, configuration, and changes. The network engineer must enable the log collection to track user login and logout attempts. In addition, any configuration changes such as a fabric node failure must be collected in the logs. The syslog policy is configured to send logs to the company SEIM appliance.

Which two log types must be enabled to meet the security requirements? (Choose two.)

Answer options

• A. error
• B. audit
• C. fault
• D. event
• E. health

Correct answer: B, C

Explanation

The correct answers are B (audit) and C (fault). Audit logs are essential for tracking user activities like logins and logouts, while fault logs provide information on configuration changes such as node failures. The other options, such as error, event, and health logs, do not specifically address the requirements for tracking user access and configuration alterations.