SNMP Versions
Baseline
QoS
6 steps of incident response
100

SNMP stands for what?

Simple Network Management Protocol

100

Describe a network baseline

A record of the network's normal operation state, possibly including a range of acceptable measurements

100

QoS stands for what?

Quality of Service

100

The first step in the incident response process is what?

Preparation

200

Which SNMP version introduced encryption?

SNMP v3

200

What is the importance of establishing a baseline?

The baseline will act as a starting or reference point and keep track of the project

200

Name a method used to implement QoS

Traffic shaping (Differentiated service, class of service) 

200

Describe the purpose of the containment step

When a team limits the damage caused by a security breach by isolating affected systems, preventing further damage

300

Describe the key difference between v1 and v3

v3 has security features, but v1 doesn't

300

How often should a network baseline be reviewed?

Monthly

300

Why is QoS important for VoIP applications?

It prevents packet loss and latency, and ensures good communication, especially on a voice call.

300

Describe the eradication step

The process of eliminating the root cause of a security breach. (Includes malware or malicious code)

400

What are the security features of SNMP v3?

Authentication, validation, and encryption

400

What tools can be used to establish a network baseline?

SNMP, NetFlow, sFlow

400

What is the difference between traffic shaping and traffic policing?

Traffic shaping involves delaying less important traffic. Traffic policing involves limiting the volume flowing in and out and momentary throughput.

400

Why is the lessons learned step important?

It allows organizations to know what went wrong during a security incident and the cause, and make improvements so that similar incidents won't happen again
