Use CSA Analysis and define and generate reports
Questions derived from the Cisco Security Agent Guide, Chapter 4: Understanding CSA Policies, Modules, and Rules, CSA Rules, pp. 94-96. 642-513 – Securing Hosts Using Cisco Security Agent.
Objective: Use CSA Analysis and define and generate reports
SubObjective: Explain the features of the Event Log and Event Monitor
Item Number: 642-522.214.171.124
Multiple Answer, Multiple Choice
Which information is logged for Network access control rules? (Choose two.)
- File operation
- Registry key
- COM component PROGID/CLSID
The following information is logged for Network access control rules:
- Process path
- Network address
The option file operation is incorrect. The information regarding file operation is logged for File access control rule.
The option registry key is incorrect. The information regarding registry key is logged for Registry access control rule.
The option COM component PROGID/CLSID is incorrect. The information regarding COM component PROGID/CLSID is logged for COM component access control rule.
For more information, see Event Logging and Alerts