CompTIA Cloud+ (CV0-002) — Question 24

A cloud administrator updates the syslog forwarder configuration on a local server in production to use a different port. The development team is no longer receiving the audit logs from that server. However, the security team can retrieve and search the logs for the same server. Which of the following is MOST likely the issue?

Answer options

• A. The development team is not looking at the correct server when querying for the logs.
• B. The security team has greater permissions than the development team.
• C. The audit logging service has been disabled on the server.
• D. The development team's syslog server is configured to listen on the wrong port.

Correct answer: D

Explanation

The correct answer is D because the development team's syslog server needs to be configured to listen on the same port that the syslog forwarder is now using. Options A and B do not address the port configuration issue, while option C is incorrect since the security team can still access the logs, indicating the service is still active.