Which TWO of the following are best practices for configuring syslog in a secure monitoring environment? (Choose two.)
Limiting log size prevents denial of service due to full disk.
Why this answer
Configuring a maximum log file size prevents syslog messages from filling up the disk, which could cause the system to crash or become unresponsive. This is a critical best practice in secure monitoring to ensure logging continues without exhausting storage resources.
Exam trap
Cisco often tests the misconception that changing default ports or using UDP provides security, when in fact these practices do not address real threats like interception or data loss.