SNMP Versions
What suite is SNMP part of?
TCP/IP
What is a baseline?
A report of the network's normal state of operation and might include a range of acceptable measurements
What is QoS?
Group of techniques for adjusting the priority a network assigns to numerous types of transmissions
What is the 4th step of the incident response?
Remediation
What's the difference between SNMPv1 and SNMPv2
SNMPv1 is the original version that is rarely used today and SNMPv2 is the improved version with increased performance and slightly better security
How are network performance baselines obtained?
By analyzing network traffic information
What is Traffic Shaping?
Manipulating packets, data stream, or connections to manage the type and amount of traffic traversing network or interface
What is an incident?
Any event that has adverse effects on a network's availability or resources
What does SNMP help with?
Monitoring and managing devices on a network
What is the reason for baseline measurements?
They serve as a basis of comparison for future performance increases or decreases caused by network changes with past network performance
Give one example of traffic policing
Limiting traffic volume flowing in and out of interface during specified time period OR Limiting momentary throughput rate for an interface
What type of incident involves a network outage that affects more than a single system?
A disaster
Most SNMP conversations are initiated by the NMS server, except when...
A managed device sends an SNMP Trap message
Why is a network baseline useful?
It can provide valuable insights when trying to diagnose a problem or pinpoint an intrusion, over usage, or misconfiguration
Who two types does DiffServ define?
EF (Expedited Forwarding) and AF (Assured Forwarding)
List the 6 step Incident Response process
1. Preparation
2. Detection and Identification
3. Containment
4. Remediation
5. Recovery
6. Review
Which two SNMP versions are similar to each other but adds authentication?
SNMPv3 and SNMPv2
What is the baseline measurement tool capable of?
Collecting the statistics needed like measuring traffic generated by each node on a network, filter traffic according to types of protocols and errors, and simultaneously measure statistics from several network segments.
What must a networks connectivity device and clients do to achieve their QoS benefits?
Support the same set of protocols
What do incident response plans specifically define?
Characteristics of an event that qualifies as a formal incident and the steps that should be followed