SNMP Versions
What does SNMP stand for?
Simple Network Management Protocol
What is a network baseline?
A report of a networks normal state of operation.
What does QoS stand for?
Quality of Service.
What is the first step in the incident response?
The first step is Preparation.
Which SNMP version introduced encryption?
SNMPv3
Why is establishing a baseline important?
The baseline measurements can tell when performance for a network decreases or increases.
Name one method used to implement QoS.
Traffic Shaping (manipulating packets, data stream, or connections to manage the type and amount of traffic traversing a network or interface.)
What is the purpose of the containment step?
The containment step is meant to limit the spread of security threats once a security threat has been detected.
Describe a key difference between SNMPv1 and v3
SNMPv1 is the original version and its rarely used while SNMPv3 has authentication, validation, and encryption for messages.
How often should a network baseline be reviewed?
Why is QoS important for VoIP applications?
QoS is important for VoIP applications because it makes sure voice traffic comes before all other data on a network to allow for a clear voice call.
Describe the eradication step.
The part of the incident response when the security threat is removed along with what caused the security threat.
what are security features of SNMP v3?
SNMPv3 gives security features such as authentication, encryption, and validation.
What tools can be used to establish a network baseline?
Tools such as Netflow and Netflow analyzer can be used to establish a baseline for a network.
Explain the difference between traffic shaping and traffic policing.
Traffic shaping works with manipulating packets and data streams while traffic policing works by limiting traffic volume flow in a specific period of time.
Why is the lessons learned step important?
This step is important because it allows you to reflect on decisions/mistakes you made that led to a security threat on your computer. It is also important because you can learn how to identify potential scams/viruses in the future.