Chapter 20 Network Monitoring


An SNMP agent listens on which port when used with TLS?

10161

SNMP agents use UDP port:

161, 10161 (TLS)

SNMP managers use UDP port:

162, 10162 (TLS)

Simple Network Management Protocol (SNMP)

A TCP/IP protocol used to monitor network traffic. It creates a managed network.

Security Information and Event Management (SIEM)

A two-part process consisting of security event monitoring (SEM), which performs real-time monitoring of security events, and security information management (SIM), where the monitoring log files are reviewed and analyzed by automated and human interpreters.

In an SNMP managed network, which software does a managed device run?

Agent

Set

An NMS can tell an agent to make changes to the information it queries and sends (variables)

Trap

An agent can solicit information from an NMS

Where does a packet sniffer put information it collects?

Capture file

An SNMP system uses ________________ PDUs for querying agents.

Get

SNMP systems have 4 core functions called PDUs:

Get, Response, Set, Trap

How does an SNMP managed system categorize data that can be queried?

MIB

In an SNMP managed network, which software does an SNMP manager run?

NMS

What component in NetFlow stores information from NetFlow caches?

NetFlow Collectors

A primary tool for capturing and analyzing the flow of packets from one device to another is called ________________.

NetFlow

Managed network

Network that is monitored by the SNMP. Consists of 3 components: SNMP manager, managed devices, and management information bases.

John is conversing with another tech who consistently uses the term "network analyzer" when discussing network monitoring tools. What sort of tool is he using?

Packet analyzer

Jason is concerned about the communication between two workstations and wants to capture and analyze that traffic to see if anything illicit is going on. Which tool would best serve his needs?

Packet sniffer

Metrics

Performance and use option numbers used by interface monitors. Examples include bandwidth, utilization, packet drops, error rates, etc.

SNMP manager

Requests and processes information from the managed devices. Runs specialized software called a network management station (NMS).

A newly hired networking wiz works through the weekend and proudly announces at the Monday staff meeting, "Now you techs can't hide from your duties. All problems with managed devices will be reported to your cell phones." What did the wiz add to the SNMP managed system?

SMS alerts

A(n) ________________ requests and processes information from managed devices.

SNMP manager

An analysis of a network shows a lot of traffic on one machine on port 162. What kind of machine is it?

SNMP manager

The boss at a small business wants to implement a management system for his network, but due to the sensitive nature of the traffic flowing, that data needs to be secure. Which version of SNMP should he implement?

SNMPv3

Response

Sent by an agent with requested information

Get request

Sent when an SNMP manager wants to query an agent

Which PDU enables a tech to change the variables queried of a managed device?

Set

Agents

Specialized software run by managed devices

Network Management Station (NMS)

Specialized software used by SNMP manager

flow cache

Stores sets of flows for interpretation and analysis. A single flow entry usually contains info such as destination/source address, destination/source port, etc.

NetFlow

The primary tool used to monitor packet flow on a network. Developed by Cisco

Log management

The process of providing proper security and maintenance for log files to ensure the files are organized and safe.

Interface monitor

Track bandwidth and utilization of one or more devices on a network

An agent uses ________________ PDUs to solicit information from an NMS.

Trap

Management Information Base (MIB)

Used by SNMP to categorize data that can be queried

flow

a flow of packets from one specific place to another

baseline

a log of performance indicators that give a picture of the network when working properly

protocol analyzer

a program that processes captured files from packet sniffers and analyzes them

packet sniffer

a program that queries a network interface and captures packets in a file (capture file)

Raphael can compare the results of a current Performance Monitor output with the ________________ to see if the network is performing correctly.

baseline

Bart has a choice of tools to view his managed network, but he primarily wants to see graphs of various types of data, such as the overall traffic and the current capacities of the file servers. Which tool offers him the best option?

Cacti

Graphing programs like ________________ can show everything about specific switches, such as bandwidth usage.

Cacti

A packet sniffer queries a network interface and collects packets in a(n) ________________.

capture file

Jill suspects a switch on Level 12 has a bottlenecked port, with too much traffic. Which tool would enable her to check that port specifically?

interface monitor

Use a(n) ________________ program to track the quantity and utilization of traffic through a physical port or ports on a single device.

interface monitor

Performance monitors use a(n) ________________ to store some form of performance information about a system.

log

Cindy's newly installed Windows network runs great! She needs to create a baseline now for later analysis. Which tool should she use?

performance monitor

The ________________ utility tells the SNMP manager to perform a series of Get commands.

snmpwalk

Logs

store information about the performance of some particular aspect of a system

Performance monitor

tracks performance of some aspect of a system over time and notifies when things aren't normal

snmpwalk

uses a sequence of GETNEXT requests to query network entities for a tree of information

