SNMP Versions
Baseline
QoS (Quality of Service)
6 Steps of Incident Response
100

What does SNMP stand for?

Simple Network Management Protocol

100

What is a network baseline?

A network baseline is a collection of metrics that represent a network's normal working conditions.

100

What does QoS stand for?

Quality of Service

100

What is the first step in the incident response process?

Preparation

200

Which SNMP version introduced encryption?

SNMPv3

200

Why is establishing a baseline important?

Establishing a baseline is important because it provides a starting point for measuring progress and performance over time.

200

Name one method used to implement QoS.

Traffic queuing

200

What is the purpose of the containment step?

To limit the spread and impact of a detected security threat.

300

Describe a key difference between SNMP v1 and v3.

SNMP v3 offers robust security features like user authentication and encryption, while SNMP v1 lacks these security measures and relies on plain-text community strings.

300

How often should a network baseline be reviewed?

At least once a quarter

300

Why is QoS important for VoIP applications?

It prioritizes voice traffic over other data on a network, ensuring smooth and reliable voice calls by minimizing issues like packet loss, latency, and jitter.

300

Describe the eradication step.

The phase where a security team actively removes and eliminates the root cause of a security threat from a compromised system.

400

What are the security features of SNMP v3?

SNMP v3 provides security features like authentication to verify the source of a message, privacy to encrypt the data within the message, and message integrity to ensure a packet hasn't been tampered with during transmission.

400

What tools can be used to establish a network baseline?

You can utilize tools like NMPs that capture network traffic data through protocols like NetFlow, sFlow, or IPFIX, packet sniffers, dedicated network performance analyzers, and basic network diagnostic commands like ping and traceroute.

400

Explain the difference between traffic shaping and traffic policing.

Traffic shaping actively delays packets exceeding a set rate to smooth out traffic flow, while traffic policing simply detects and potentially discards packets that violate a defined rate limit.

400

Why is the lessons learned step important?

Lessons learned enable project managers to identify and understand mistakes made during previous projects.
