Certmaster Ensuring Network Availability Flashcards
An organization deployed components so that they could use NetFlow to measure network traffic statistics. Which of the deployed components needs a high bandwidth network link and substantial storage capacity?
A. NetFlow exporter
B. NetFlow collector
C. NetFlow analyzer
D. IPFIX
B
A NetFlow collector needs a high bandwidth network link and substantial storage capacity because it aggregates flows from multiple exporters and a large network can generate huge volumes of flow traffic and data records.
A NetFlow exporter is configured on network appliances (switches, routers, and firewalls), and the exporter has a flow defined on it.
A NetFlow analyzer reports and interprets information by querying the collector and can generate alerts and notifications.
IP Flow Information Export (IPFIX) is an IETF standard that Cisco has redeveloped NetFlow to meet.
An organization has ten employees in the finance department that all use the accounting system for different purposes. An administrator is reviewing logs and has discovered that all of the finance employees are using the same login to access the accounting system. Which log was the administrator reviewing?
A. System log
B. Audit log
C. Application log
D. Traffic log
B
The administrator was reviewing the audit log, which records the use of authentication and authorization privileges. The administrator can configure it to operate at a per-application level.
A system log records startup events plus subsequent changes to the configuration at an OS level and will include kernel processes and drivers but could also include core services.
An application log records data for a single specific service, such as DNS, HTTP, or an RDBMS. Note that a complex application could write to multiple log files.
Traffic and performance logs record statistics for computing, storage, and network resources over a defined period.
An organization is designing a new data center. What types of environmental issues should the organization implement sensors for? (Select all that apply.)
A. Temperature
B. Thunderstorms
C. Humidity
D. Electrical
A, C, D
Sensors can measure temperature as high temperature will make it difficult for device and rack cooling systems to dissipate heat effectively.
Sensors can measure humidity as more water vapor in the air risks condensation forming within a device chassis, leading to corrosion and short circuit faults.
Systems need a stable power supply, free from outages, voltage dips, voltage spikes, and surges. Sensors built into power distribution systems and backup battery systems can report deviations from a normal power supply.
While sensors built into power distribution systems and backup battery systems can report deviations from a normal power supply, sensors cannot directly measure thunderstorms.
An organization is using the Simple Network Management Protocol (SNMP) for remote management and monitoring of servers and network appliances and must deploy an agent to each device. Where are the statistics relating to the activity of each device kept?
A. OID
B. MIB
C. Get
D. Trap
B
The SNMP agent maintains a database called a Management Information Base (MIB) that holds statistics relating to the activity of the device, such as the number of frames per second handled by a switch.
An agent’s MIB on a device refers to each parameter stored in it by a numeric Object Identifier (OID). A tree structure stores the OIDs.
An SNMP monitor can retrieve information from MIBs using Get where the software queries the agent for a single OID. The monitor uses this command to perform regular polling.
An SNMP monitor can retrieve information from MIBs using Trap where the agent informs the monitor of a notable event. The threshold for triggering traps can be set for each value.
A server is using its host key to establish a secure channel for clients to authenticate to the secure shell (SSH) server. Which of the following methods can establish the channel? (Select all that apply.)
A. Username/password
B. Public key authentication
C. Terminal emulation
D. Kerberos
A, B, D
With username/password authentication, the client submits credentials that the SSH server verifies either against a local user database or using a network authentication server. This is a valid method.
In public-key authentication, each remote user’s public key is appended to a list of keys authorized for each local account on the SSH server. This is a valid method.
In Kerberos, the client submits a Ticket Granting Ticket, and the SSH server contacts the Ticket Granting Service to validate the credential. This is a valid method.
A terminal emulator is any kind of software that replicates the teletype (TTY) function, which is text input and output between the user and the shell, or command environment.
An administrator received a Syslog alert, code 2. What level does this indicate the issue is?
A. Notice
B. Alert
C. Error
D. Critical
D
A code 2 level alert indicates a critical level alert, meaning that a fault that will require immediate remediation is likely to develop and the administrator should investigate immediately.
A notice is a code 5 level alert and indicates that a state that could potentially lead to an error condition has developed. The administrator should investigate this, but it is not urgent.
An alert is a code 1 level alert and indicates that a fault requiring immediate remediation has occurred and the administrator should investigate immediately.
An error is a code 3 level alert and indicates that a non-urgent fault has developed and the administrator should investigate as soon as possible.
A file server on the network is receiving synchronized time so that it can communicate properly; however, it cannot provide synchronized time for other devices on the network. Why is this?
A. The server supports only NTP
B. The server is a stratum 1 server
C. The server is a stratum 2 server
D. The server supports only SNTP
D
The server supports only Simple Network Time Protocol (SNTP). SNTP works over the same port as NTP, UDP port 123. A host that supports only SNTP cannot act as a time source for other hosts.
The Network Time Protocol (NTP) enables the synchronization of time-dependent and time-critical applications such as authentication and security mechanisms, scheduling applications, and backup software.
A stratum 1 server is a top-level NTP server that obtains the coordinated universal time via a direct physical link to an accurate clock source.
A stratum 2 server synchronizes its time with a stratum 1 server as a client and acts as a server or time source to lower stratum NTP servers or client hosts.