12) Ensuring Network Availability Flashcards
You will investigate some tools and management methods that will help you determine your network's baseline and optimize your network's performance. a) Explain the use of network management services. b) Use event management to ensure network availability. c) Use performance metrics to ensure network availability.
A file server on the network is receiving synchronized time so that it can communicate properly; however, it cannot provide synchronized time for other devices on the network. Why is this?
A. The server supports only NTP
B. The server is a stratum 1 server
C. The server is a stratum 2 server
D. The server supports only SNTP
D. The server supports only SNTP
The server supports only Simple Network Time Protocol (SNTP). SNTP works over the same port as NTP, UDP port 123. A host that supports only SNTP cannot act as a time source for other hosts.
The Network Time Protocol (NTP) enables the synchronization of time-dependent and time-critical applications such as authentication and security mechanisms, scheduling applications, and backup software.
A stratum 1 server is a top-level NTP server that obtains the coordinated universal time via a direct physical link to an accurate clock source.
A stratum 2 server synchronizes its time with a stratum 1 server as a client and acts as a server or time source to lower stratum NTP servers or client hosts.
An administrator is monitoring the performance metrics for a server and notices that the system memory utilization is very high. What does this indicate?
A. There is a problem with network traffic
B. There is low storage space
C. The storage I/O is too slow
D. The system needs an upgrade
D. The system needs an upgrade
In performance metrics, if the system memory utilization (measured as a percentage) is very high, an administrator needs to upgrade the system memory.
In performance metrics, if the CPU utilization (measured as a percentage) is very high, the administrator may need to upgrade the system or there may be a problem with network traffic.
Some network devices require persistent storage to keep configuration information and logs. If a device runs out of storage space, it could cause serious errors in the performance metrics.
Servers depend on fast input/output (I/O) to run applications efficiently and if the storage I/O is not fast enough it could cause serious errors in the performance metrics.
An organization is designing a new data center. What types of environmental issues should the organization implement sensors for? (Select all that apply.)
A. Temperature
B. Thunderstorms
C. Humidity
D. Flooding
A. Temperature
C. Humidity
D. Flooding
Sensors can measure temperature as high temperature will make it difficult for device and rack cooling systems to dissipate heat effectively.
Sensors can measure humidity as more water vapor in the air risks condensation forming within a device chassis, leading to corrosion and short circuit faults.
Sensors can measure flooding as there may be natural or person-made flood risks from nearby watercourses and reservoirs or risks from leaking plumbing or fire suppression systems.
While sensors built into power distribution systems and backup battery systems can report deviations from a normal power supply, sensors cannot directly measure thunderstorms.
An administrator needs to access servers using a key pair. What command can the administrator use to create the key pair?
A. ssh-keygen
B. ssh-agent
C. sshd
D. ssh Host
A. ssh-keygen
The ssh-keygen command creates a key pair to use to access servers. The private key stays securely on the local computer and the ssh-copy-id command copies the public key to the server.
The ssh-agent command configures a service to use to store the keys used to access multiple hosts. This provides a single sign-on (SSO) mechanism for multiple SSH servers.
The sshd command starts the SSH Daemon (server). Parameters such as the host’s certificate file, port to listen on, and logging options can be set via switches or in a configuration file.
The ssh Host command uses the SSH client to connect to the server running at Host. Host can be a fully qualified domain name or IP address.
An administrator has blocked access to port 23 to prevent users from using an insecure terminal emulation software tool and protocol. What is the administrator blocking the use of?
A. FTP
B. SSH
C. Telnet
D. TFTP
C. Telnet
The administrator is blocking Telnet, which is both a protocol and a terminal emulation software tool that insecurely transmits shell commands and output between a client and the remote host on port 23.
File Transfer Protocol (FTP) performs administrative upload/download of files to and from servers and appliances on port 21.
Secure Shell (SSH) is the principal means of obtaining secure remote access to UNIX and Linux servers and most types of network appliances and uses port 22.
The Trivial File Transfer Protocol (TFTP) is a connectionless protocol running over UDP port 69. Consequently, TFTP does not provide the guaranteed delivery offered by FTP and is only suitable for transferring small files.
A server is using its host key to establish a secure channel for clients to authenticate to the secure shell (SSH) server. Which of the following methods can establish the channel? (Select all that apply.)
A. Username/password
B. Public key authentication
C. Terminal emulation
D. Kerberos
A. Username/password
B. Public key authentication
D. Kerberos
Username/password is when the client submits credentials that the SSH server verifies either against a local user database or using a network authentication server and is a valid method.
In public-key authentication, each remote user’s public key is appended to a list of keys authorized for each local account on the SSH server. This is a valid method.
In Kerberos, the client submits a Ticket Granting Ticket, and the SSH server contacts the Ticket Granting Service to validate the credential. This is a valid method.
A terminal emulator is any kind of software that replicates the teletype (TTY) function which is text input and output between the user and the shell, or command environment.
An organization has ten employees in the finance department that all use the accounting system for different purposes. An administrator is reviewing logs and has discovered that all of the finance employees are using the same login to access the accounting system. Which log was the administrator reviewing?
A. System log
B. Audit log
C. Application log
D. Traffic log
B. Audit log
The administrator was reviewing the audit log which records the use of authentication and authorization privileges, and the administrator can configure it to perform at a per-application level.
A system log records startup events plus subsequent changes to the configuration at an OS level and will include kernel processes and drivers but could also include core services.
An application log records data for a single specific service, such as DNS, HTTP, or an RDBMS. Note that a complex application could write to multiple log files.
Traffic and performance logs record statistics for computing, storage, and network resources over a defined period.
An administrator received a Syslog alert, code 2. What severity level does this indicate?
A. Notice
B. Alert
C. Error
D. Critical
D. Critical
A code 2 level alert indicates a critical level alert meaning that a fault that will require immediate remediation is likely to develop and the administrator should investigate immediately.
A notice is a code 5 level alert and indicates that a state that could potentially lead to an error condition has developed. The administrator should investigate this, but it is not urgent.
An alert is a code 1 level alert and indicates that a fault requiring immediate remediation has occurred and the administrator should investigate immediately.
An error is a code 3 level alert and indicates that a non-urgent fault has developed and the administrator should investigate as soon as possible.
An organization is using the Simple Network Management Protocol (SNMP) for remote management and monitoring of servers and network appliances and must deploy an agent to each device. Where are the statistics relating to the activity of each device kept?
A. OID
B. MIB
C. Get
D. Trap
B. MIB (Management Information Base)
The SNMP agent maintains a database called a Management Information Base (MIB) that holds statistics relating to the activity of the device, such as the number of frames per second handled by a switch.
An agent’s MIB on a device refers to each parameter stored in it by a numeric Object Identifier (OID). A tree structure stores the OIDs.
An SNMP monitor can retrieve information from MIBs using Get where the software queries the agent for a single OID. The monitor uses this command to perform regular polling.
An SNMP monitor can retrieve information from MIBs using Trap where the agent informs the monitor of a notable event. The threshold for triggering traps can be set for each value.
A Windows administrator needs to perform administrative tasks on servers at a different location and prefers to use a graphical user interface. What is the best tool for the administrator to use?
A. Telnet
B. SSH
C. RDP
D. NTP
C. RDP
The best tool for the administrator to use is Remote Desktop Protocol (RDP) which is Microsoft’s protocol for operating remote GUI connections to a Windows machine. RDP uses TCP port 3389.
Telnet is both a protocol and a terminal emulation software tool that insecurely transmits shell commands and output between a client and the remote host on port 23.
Secure Shell (SSH) is the principal means of obtaining secure remote access to UNIX and Linux servers and most types of network appliances and uses port 22.
The Network Time Protocol (NTP) enables the synchronization of time-dependent applications. NTP works over UDP on port 123.