Shared Flashcard Set

Details

CompTIA Network+ Chapter 20: Network Monitoring
Studying material based on Mike Meyers' book
7
Computer Networking
Post-Graduate
08/16/2024

Additional Computer Networking Flashcards

 


 

Cards

Term

The de facto network management protocol for TCP/IP networks. (pg. 708)

 

A. TLS

B. HTTPS

C. UDP

D. SNMP

Definition

D. It's in the name - Simple Network Management Protocol.

 

SNMP uses UDP ports 161 and 162 for nonsecure communication, and TLS ports 10161 and 10162 when security is added.

Term

When an SNMP manager/network management system wants to query an agent, it sends a ___ request. An agent then sends a ___ with the requested information. (pg. 710)

 

A. Get/Response

B. ping

C. SYN/ACK

D. Set/Trap

 

Definition

A. Get/Response

 

If an SNMP manager wants an agent to make changes to the information it queries, it uses the Set request.

 

An agent uses the Trap request to get information from the SNMP manager.

 

A ping is used by one system to check
"up/down" status of an IP addressed host.

 

The SYN and ACK commands are two of the segments in the TCP three-way handshake between a client and server.

Term

A tool that queries a network interface and collects packets in a file. (pg. 713)

 

A. traffic inspector

B. interface monitor

C. protocol analyzer

D. packet sniffer

Definition

D. Packet sniffers typically sit on a single computer, or perhaps on a router or dedicated piece of hardware.

 

Protocol analyzers process capture files from packet sniffers and gives you an output of that information.

 

An interface monitor tracks the bandwidth and utilization of one or more interfaces on one or more devices.

Term

A log of performance indicators used to establish what is considered normal performance of the network and servers when they are working correctly. (pg. 721)

 

A. protocol analyzer

B. sensor

C. baseline

D. packet sniffer

Definition

C. CPU usage and network utilization are typical values in a baseline log. A major change in these values an point to problems on a server or network as a whole.

 

Packet sniffers, protocol analyzers and sensors are all tools useful for collecting key performance indicators that can be used to establish the baseline.

Term

The default destination port for syslog, the default performance monitoring tool built into macOS and Linux. (pg. 725)

 

A. UDP port 53

B. UDP port 514

C. TCP port 601

D. TCP port 514

Definition

B. syslog uses UDP port 514.

 

DNS uses UDP port 53.

 

The other two aren't very relevant.

Term

An SNMP manager uses which port when used with TLS? (pg. 712)

 

A. 161

B. 162

C. 10161

D. 10162

Definition

D. An SNMP manager uses port 10162 with Transport Layer Security. When an agent responds, it uses 10161.

 

Without TLS, the manager would use UDP 161 and the agent would use UDP 162.

Term

Which tool would you use to capture and analyze the traffic between two workstations to see if there is anything illicit going on? (pg. 716)

 

A. interface monitor

B. packet flow monitor

C. packet sniffer

D. performance monitor

Definition

B. Packet flow monitoring software tracks traffic flowing between specific source and destination devices.

 

An interface monitor is like a traffic monitor for the network instead of being between two devices.

 

A packet sniffer captures packet data from a single device.

 

Performance monitors track the performance of some aspect of a system over time.

Supporting users have an ad free experience!