What does SNMP stand for?
What is Simple Network Management Protocol.
What is a network baseline?
What is a reference point that represents the normal performance and behavior of a network.
What does QoS stand for?
What is Quality of Service.
What is the first step in the incident response process?
What is Preparation.
Which SNMP version introduced encryption?
What is SNMP v3.
Why is establishing a baseline important?
What is It helps identify anomalies, diagnose performance issues, and detect security threats by comparing current behavior to expected norms.
Name one method used to implement QoS.
What is Differentiated Services Code Point (DSCP).
Explain the difference between traffic shaping and traffic policing.
What is To limit the damage caused by an incident and prevent it from spreading further.
Describe a key difference between SNMP v1 and v3.
What is SNMP v1 lacks built-in security, using plaintext community strings, while SNMP v3 introduces authentication, encryption, and message integrity.
How often should a network baseline be reviewed?
What is typically quarterly or whenever significant changes are made to the network.
Why is QoS important for VoIP applications?
What is It ensures low latency, minimal jitter, and reduced packet loss, which are critical for maintaining call quality.
Describe the eradication step.
What is It involves removing the root cause of the incident, such as malware, and ensuring no traces of the threat remain.
What are the security features of SNMP v3?
What is Authentication, encryption, and message integrity.
What tools can be used to establish a network baseline?
What is Network monitoring tools like SolarWinds, Wireshark, Nagios, and PRTG.
Explain the difference between traffic shaping and traffic policing.
What is Traffic shaping delays excess packets to smooth traffic flow, while traffic policing drops or marks packets that exceed a set rate.
Why is the lessons learned step important?
What is It allows organizations to review what happened, improve their response process, and strengthen defenses against future incidents.