Home » LPI » 117-201 » Why shouldn’t you also use this machine as your central log host?
A single machine acts as a mail server, web server, and gateway to the Internet for the rest of your internal network. Why shouldn’t you also use this machine as your central log host?
A. It may reduce web server performance.
B. The remote logging may have a negative impact on network performance.
C. If the web server crashed, log messages from other hosts would be lost.
D. Under high load, syslogd on the web server may start rejecting messages, and clients would try to log the error, creating a recursive loop between the clients and the log host.
E. If the security of your server is compromised, an attacker would have access to log information from all your hosts.
Correct Answer: E
Explanation/Reference:
Explanation: You are running three services that connect directly to the Internet (mail server, web server and gateway). This in itself poses a security risk. The logs will contain a lot of information that an attacker would be able to access if the attacker gained access to your system.
Incorrect Answers
A:The logging may have a minimal effect on the web server. This is not as much a problem as the security risk in answer E.
B:It is unlikely that the remote logging will have any negative impact on the network performance.
C:If the web server crashed you may not be able to access the logs. However, this is not as much a problem as the security risk in answer E.
D:This just wouldn’t happen.
|
Download Printable PDF. VALID exam to help you PASS.
|
 |
