CompTIA Cloud+ (CV0-003) — Question 61
A cloud administrator is configuring several security appliances hosted in the private IaaS environment to forward the logs to a central log aggregation solution using syslog. Which of the following firewall rules should the administrator add to allow the web servers to connect to the central log collector?
Answer options
- A. Allow UDP 161 outbound from the web servers to the log collector
- B. Allow TCP 514 outbound from the web servers to the log collector
- C. Allow UDP 161 inbound from the log collector to the web servers
- D. Allow TCP 514 inbound from the log collector to the web servers
Correct answer: B
Explanation
The correct answer is B because syslog typically uses TCP port 514 for log transmission from clients to the server. The other options use either the wrong protocol (UDP 161 in A and C) or the wrong direction of traffic (inbound from the log collector to the web servers in C and D), so they would not allow the web servers to send logs to the central log collector.