SNMP Versions
Network Baseline
QoS (Quality of Service)
6 Steps of Incident Response
MIB
100

What does SNMP stand for?

Simple Network Management Protocol

100

What is a network baseline?

A network baseline is a snapshot of the normal performance and behavior of a network.

100

What does QoS stand for?

Quality of Service

100

What is the first step in the incident response process?

Preparation

100

What does MIB stand for?

Management Information Base.

200

Which SNMP version introduced encryption?

SNMP v3

200

Why is establishing a network baseline important?

It helps identify deviations from normal behavior, which may indicate a security threat or performance issue.

200

Name one method used to implement QoS.

Prioritizing traffic with techniques such as Differentiated Services Code Point (DSCP) or Class of Service (CoS).

200

What is the primary purpose of the containment step?

To isolate the affected system and prevent the spread of the incident.

200

What is MIB used for in SNMP?

Storing network management data.

300

Describe one key difference between SNMP v1 and SNMP v3.

SNMP v1 lacks security, while SNMP v3 adds encryption and authentication.

300

How often should a network baseline be reviewed and updated?

Regularly, especially after significant network changes or every 6-12 months.

300

Why is QoS critical for VoIP applications?

It ensures minimal latency, packet loss, and jitter for clear voice communication.

300

Describe the eradication step of incident response.

Eradication means finding and removing the cause, like deleting malware or fixing weaknesses.

300

Name a protocol that uses MIB.

SNMP.

400

What are the three main security features of SNMP v3?

Authentication, Encryption (Confidentiality), and Message Integrity

400

What are two tools commonly used to establish and monitor a network baseline?

Network monitoring tools such as Wireshark and SolarWinds.

400

What is the key difference between traffic shaping and traffic policing?

Traffic shaping slows extra data; traffic policing drops it.

400

Why is the “lessons learned” step important?

It improves the plan and prevents future incidents.

400

What kind of information is stored in a MIB?

Network device statistics, configurations, and status.

500

What are the main security risks of using SNMP v1 or v2?

Lack of encryption and use of plain-text community strings.

500

What happens if no baseline exists?

Hard to spot unusual behavior or issues.

500

How does QoS improve streaming?

Prioritizes critical traffic for smooth streaming.

500

What’s a challenge after "Lessons Learned"?

Applying fixes to prevent future incidents.

500

How does MIB help network administrators manage devices?

MIB organizes device data in a structured way, making it easier to monitor and manage networks.