Chapter 20: Network Monitoring Flashcards
____ is a set of standards for communication with network devices (switches, routers, WAPs) connected to a TCP/IP network. It is used for network management.
SNMP or Simple Network Management Protocol
An SNMP (Simple Network Management Protocol) system, which creates a managed network, consists of at least three components:
- Managed devices
- SNMP manager aka. a NMS (Network Management System
- SNMP agent
SNMP uses ____ to categorize the data that can be queried.
MIBs or Management Information Bases
SNMP managers use UDP ports:
162 or 10162 (with TLS)
SNMP agents use UDP ports:
161 or 10161 (with TLS)
A/An ____ is a program that queries a network interface and collects (captures) packets in a file. They need to capture all the packets they can, so it’s typical for them to connect to an interface in promiscuous mode or, in the case of a switch, a mirrored port.
packet sniffer
A/An ____ is a program that processes capture files from packet sniffers and analyzes them based on our monitoring needs.
protocol analyzer
A/An ____ tool tracks traffic flowing between specific source and destination devices.
packet flow monitoring
____ track the bandwidth and utilization of one or more interfaces on one or more devices.
Interface monitors
A/An ____ tracks the performance of some aspect of a system over time and lets you know when things aren’t normal.
performance monitor
The default destination port for syslog is UDP port ____.
514
Which PDU does an SNMP manager (aka. a NMS) use to query agents?
Get
Which PDU does an SNMP manager (aka. a NMS) use to tell an agent to make changes to the information it queries and sends?
Set
An agent can solicit information from an SNMP manager (aka. a NMS) with the ____ PDU.
Trap
In an SNMP managed network, what software does a managed device run?
An agent
