Free Cisco 300-710 Actual Exam Questions - Question 11 Discussion
access control rule logs be collected for analysis. The security engineer is concerned that the Cisco
FMC will not be able to process the volume of logging that will be generated. Which configuration
addresses this concern?
I’m thinking option B might be an angle to consider. Instead of relying on a single FMC to handle all logs, a cluster could distribute the load and reduce the chance of bottlenecks. That way, FMC still handles analysis but with better scalability. Does anyone know if FMC clustering is commonly used or supported specifically for log management in this context?
It’s D for me. Sending connection events straight from FTD to the SIEM takes the load off FMC, and then just forwarding security events from FMC keeps things manageable. That way you’re not overloading FMC by pushing all logs through it. Option A might work but risks missing proper correlation or overload from FTD handling everything alone. Splitting the log destinations like in D seems like a better balance between performance and comprehensive logging.
A