SNMP
What SNMP stands for
network baseline
collection of metrics about a network at a time of normal use
QoS stand for
Quality of service
first step in the incident response process
Preparation
The SNMP version that introduces encryption
SNMPv3
The reason establishing a baseline important
allows you to assess performance throughout the duration of a project
one method used to implement QoS.
network monitoring and management systems, traffic shaping and prioritization tools, quality measurement tools, and network devices with built-in QoS capabilities.
purpose of the containment step
to stop the spread and sprawl and to prevent further damage
Key difference between SNMP v1 and v3
SNMPv1 and SNMPv2c provide basic functionalities and are suitable for less critical scenarios, SNMPv3 is ideal for environments requiring robust security due to its comprehensive security features
How often should a network baseline be reviewed
once a day
QoS important for VoIP applications because
to prevent issues like packet loss and latency, ensuring smooth communication during peak network usage, especially for video calls
the eradication step is
the removal of suspicious or unauthorized resources in efforts to return the account to a known safe state
Security features of SNMP v3
Message integrity
Encryption
tools can be used to establish a network baseline
Netflow and sFlow
difference between traffic shaping and traffic policing.
Traffic policing directly discards the packets whose rate exceeds the rate limit. Traffic shaping, however, buffers the packets whose rate is greater than the traffic shaping rate
the lessons learned step are important because
enable project managers to identify and understand mistakes made during previous projects