SNMP Versions
What does SNMP stand for?
Simple Network Management Protoco
What is a network baseline?
A collection of metrics that capture a network's performance and configuration during normal use
What does QoS stand for?
Quality of Service
What is the first step in the incident response process?
The first step is preparation
Which SNMP version introduced encryption?
SNMP version 3 (SNMPv3) introduced encryption
Why is establishing a baseline important?
It provides a point of reference to measure progress, identify issues, and ensure a project meets its objectives.
Name one method used to implement QoS.
Traffic shaping, policing, marking etc.
What is the purpose of the containment step?
It limits the spread and impact of a security incident once it has been identified
Describe a key difference between SNMP v1 and v3.
SNMP v3 offers security features like user authentication and encryption, while SNMP v1 lacks these security measures
How often should a network baseline be reviewed?
Quarterly or monthly
Why is QoS important for VoIP applications?
It prioritizes voice traffic over other network data, ensuring smooth and clear voice calls by minimizing issues like packet loss.
Describe the eradication step.
The eradication phase is the first step in returning a compromised environment to its proper state
What are the security features of SNMP v3?
SNMP v3 features include: Message integrity, authentication, and encryption
What tools can be used to establish a network baseline?
Explain the difference between traffic shaping and traffic policing.
Traffic policing drops excess traffic while traffic shaping retains the excess and schedules it for a later transmission
Why is the lessons learned step important?
The lessons learned are the learning gained from the process of the project and can be used to improve future projects.