Term
| What are some improvements in SNMPv2 over SNMPv1? |
|
Definition
SNMPv2 defines 2 new protocol operations:
-getbulk - retrieves large blocks of data, such as multiple rows in a table. Agents will provide partial results when full values are not available.
-inform - allows 1 NMS manager to send trap information to other NMS managers and to retrieve information.
Another improvement is that data type values can be 64 bit(as of 32 bit with SNMPv1) |
|
|
Term
| What are the 5 different message types used to carry out the communication with SNMPv1? |
|
Definition
- Get request - retrieves the value-specific MIB variable from an agent.
- Get response - contains the value of the requested variable.
- Get next request - Used to obtain the next object instance in a table or list within an agent.
- Set request - sets values of the object instance within an agent (like setting an IP for an interface or bringing it up/down)
- Trap - used to inform the NMS manager of a significant arlarm event. |
|
|
Term
| Describe the different syslog message levels |
|
Definition
-0 Emergency - system is unusable
-1 Alert - take action immediately
-2 Critical - critical conditions
-3 Error - error messages
-4 Warning - warning conditions
-5 Notice - normal but significant events
-6 Informational - informational messages
-7 Debug - debug level messages |
|
|
Term
| Describe how RMON is used as a network management technology. |
|
Definition
| RMON is a standard monitoring specification that enables network monitoring devices and console systems to exchange network monitoring data. Provides more info than SNMP, but requires more sophisticated data collection devices. |
|
|
Term
| What are the 9 monitoring groups defined by RMON1? |
|
Definition
1 - statistics - contains real time statistics for interfaces, packets sent, bytes, CRC errors, fragments, etc
2 - history - stores periodic statistic samples for later retrieval.
3 - alarm - an alarm is generated if a statistic sample crosses a threshold.
4 - host - host-specific statistics
5 - hostopN - most active hosts
6 - matrix - stores statistics for conversions between 2 hosts
7 - filters - allows packets to be filtered
8 - packet capture - allows packets to be captured for subsequent analysis
9 - events - generates notification of events
10 - token ring - for token ring networks (RMON extension) |
|
|
Term
| What are some improvements in SNMPv3 over previous versions? |
|
Definition
| SNMPv3 provides authentications and privacy by using user names and access control by using key management. Security levels are implemented to determine which devices a user can read, write, or create. SNMPv3 also verifies each message to ensure that it has not been modified during transmission. |
|
|
Term
| What are the 3 levels of security introduced by SNMPv3? |
|
Definition
-noauthnopriv - provides no authentication and no privacy
-authnopriv - authentication is provides but not encryption
-authpriv - provides authentication and encryption. |
|
|
Term
| What are the 5 network management processes that are defined by the ISO? |
|
Definition
-Fault management - detecting and correcting network fault problems.
-Configuration management - baselining, modifying, and tracking configuration changes.
-Accounting management - keeping track of circuits for billing of service
-Performance management - measures the network's effectiveness at delivering packets
-Security management - tracks the authentication and authorization information. |
|
|
Term
| What are the 3 network management components of SNMP? |
|
Definition
- the managed device
- the agent that resides on the managed device
- the network management system (NMS) |
|
|
Term
| What is a management information base? |
|
Definition
| An MIB is a collection of information that is stored on the local agent of the managed device. They are organized in a hierarchical, treelike structure, with each branch containing similar objects. |
|
|
Term
| What are the 9 additional monitoring groups defined by RMON2 on top of RMON1? |
|
Definition
11- protocoldir - lists the protocols that device supports 12- protocoldis - traffic statistics for each protocol 13 - addressmap - contains network-to-MAC layer address mapping (IP-to-MAC) 14 - nlhost - contains statistics for traffic sent to or from network layer hosts 15 - nlmatrix - contains statistic for conversion between 2 network layer hosts 16 - alhost - contains application layer statistics for traffic sent to or from each host 17 - almatrix - contains application layer statistics for conversions between pairs of hosts 18 - userhistory - contains periodic samples of specified variables 19 - probeconfig - probe patameter configuration |
|
|
Term
| Describe how netflow works as a network management technology. |
|
Definition
Cisco's netflow allows the tracking of IP flow as they are passed through routers and multilayer switches. The 3 major components of netflow are networking accounting, flow collector engines, and data analyzers. Netflow gathers more info than RMON, including adding date and time stamping. Netflow provides detailed information on:
- source and destination IP addresses and interface identifiers
- TCP/UDP source and destination port numbers
- number of bytes and packets per flow
- IP type of service (ToS) |
|
|
Term
| What protocol does SNMP run over? |
|
Definition
|
|
Term
| What layer of the OSI model does CDP run under? |
|
Definition
|
|
Term
| How many facilities are available for syslog on Cisco routers? |
|
Definition
| More than 500 facilities can be configured for syslog on Cisco routers. |
|
|
