What does SNMP stand for?
Simple Network Management Protocol
What is a network baseline?
Metrics of a network at a time of normal use
What does QoS stand for?
Quality of service
What is the first step of the 6 steps of incident response?
Which SNMP version introduced validation?
SNMP v3
How often should you review a network baseline?
At least once a day.
Name one method used to implement QoS
Traffic shaping (one example; there are other correct answers)
What do you do in the 2nd step of the response process?
Detecting and Identifying the issue.
What are the features introduced in SNMP v2?
Improved performance and slightly better security.
What tools are used to create a network baseline?
NetFlow or sFlow
What is traffic shaping?
The optimization of network traffic and bandwidth management
List every step in the incident response process
Preparation, Detection and Identification, Containment, Remediation, Recovery, Review
How does SNMP function?
By monitoring and managing devices over an IP network
How does a network baseline function?
By monitoring network traffic at a normal time
What is the difference between traffic shaping and traffic policing?
Traffic shaping delays less important traffic.
Traffic policing limits the volume of traffic flowing into the network.
When should you use the 6 steps of incident response?
When an event has characteristics that qualify it as a formal incident. Examples: illegal activity, malware outbreak, weather-related emergencies.
Explain the differences between all versions of SNMP
SNMPv1 is the original version and is rarely used today.
SNMPv2 adds increased performance and slightly better security.
SNMPv3 adds authentication, validation, and encryption for messages exchanged between managed devices and the network management console.
Explain why it is critical to have a network baseline
To establish a pattern of network traffic, making it possible to identify needed changes or oddities in the network.
Why is it important to ensure QoS?
To guarantee performance and reliability.
Why are the 6 steps of incident response important?
To keep people safe, ensuring protection of sensitive, network availability and integrity, and further prevention of related incidents