Q: 12
A company has many Cisco FTD devices managed by a Cisco FMC. The security model requires that
access control rule logs be collected for analysis. The security engineer is concerned that the Cisco
FMC will not be able to process the volume of logging that will be generated. Which configuration
addresses this concern?
Options
Discussion
Probably D since sending connection events straight from FTDs to the SIEM could help reduce FMC load, but does the question specify if both event types must be centralized before forwarding? If all events have to go through FMC, that would change things.
Be respectful. No spam.
