You create a policy in Cisco Umbrella and use the default log settings.
Which of the following statements are correct? (Choose two.)
A. Only security events are logged.
B. Activity logs are not stored.
C. Activity logs are saved to an AWS S3 bucket managed by Cisco.
D. No requests are logged.
E. Activity logs are saved to a Cisco data warehouse.
F. All requests are logged.
Explanation:
By default, all requests are logged and activity logs are saved to a Cisco data warehouse. Cisco Umbrella provides firewall, web gateway, Domain Name System (DNS) security, cloud access security broker (CASB), and threat intelligence solutions within a unified platform.
Logging options in Cisco Umbrella are configured per policy. When creating a policy with the Policy wizard, you can change log settings by expanding Advanced Settings. Within Advanced Settings, you can also enable Intelligent Proxy, enforce SafeSearch, and configure Allow-Only Mode. There are three security log settings in Cisco Umbrella:
• Log All Requests
• Log Only Security Events
• Don’t Log Any Requests
The Don’t Log Any Requests setting disables all logging. Cisco does not recommend using this setting because the reporting features of Cisco Umbrella rely largely on logged data.
By default, activity logs are saved to a Cisco data warehouse in California. You can manually change the data warehouse location to Frankfurt, Germany, at any time. However, reporting will use only the data that is logged at the new location; data stored in the United States stays in the United States, and data stored in Europe stays in Europe. Alternatively, you can enable logging to an AWS S3 bucket: either a self-managed bucket or a Cisco-managed bucket. Using your own AWS S3 bucket allows you to configure and manage it however you like. A Cisco-managed AWS S3 bucket is included with your Cisco Umbrella license, but you cannot store anything in the bucket except Cisco Umbrella log files.
Reference: https://docs.umbrella.com/deployment-umbrella/docs/log-management