Module 10: Network Management Flashcards
What two protocols can be used for device discovery?
CDP and LLDP
What protocol is used to synchronise time across a network?
NTP
What is the SNMP protocol and what is it used for?
Simple Network Management Protocol (SNMP) is used to manage devices, monitor network performance, find and solve network issues, and plan for network growth.
What is the syslog protocol and what is it used for?
It is a system logging protocol used by devices such as routers, switches, application servers, firewalls and other networking appliances.
It allows these networking devices to send their system messages across the network to a syslog server for analysis.
What is CDP and what is it used for?
Cisco Discovery Protocol (CDP) is a protocol that can be used to map a network of Cisco devices. It is proprietary and only some other vendors support it.
What is LLDP and what is it used for?
Link Layer Discovery Protocol (LLDP) is a protocol that can be used to map a network of any devices. It is non-proprietary and many vendors support it.
What IOS command is used to verify the status of CDP?
show cdp
What IOS command is used to enable CDP globally for all supported interfaces on a device?
cdp run
What IOS command is used to disable CDP globally for all supported interfaces on a device?
no cdp run
Why should you not allow CDP to run on interfaces connected outside your network, such as the WAN port that connects to the internet?
It is a security concern to broadcast networking information to an insecure network.
What IOS commands are used to disable CDP on the interface G0/0/1?
interface g0/0/1
no cdp enable
What IOS command is used to verify the status of CDP on all interfaces of the device?
show cdp interface
What IOS command is used to verify the status of CDP and display a list of neighbors?
show cdp neighbors
What port of R1 is the device S1 plugged into in the CDP output?
Gig 0/0/1
What port of S1 is the local device R1 plugged into in the CDP output?
Fas 0/5
How can we tell that the device S1 is a switch based on the CDP output?
The capability has an S indicating it is a switch.
What IOS command can be used to see full details of connected devices using CDP? What important part is not displayed with just show cdp neighbors?
show cdp neighbors detail can be used to show full details, including the IP address of the devices.
Why is SSH useful when using CDP to discover devices on a network?
CDP can display the IP address of connected devices, which can then be connected to via SSH and used to further map the network.
Why might you use LLDP rather than CDP to discover network devices?
LLDP is not specific to Cisco devices, so can be used to discover neighboring devices from other vendors.
What IOS command is used to enable LLDP?
lldp run
What extra step must you take after enabling LLDP, that isn’t required for CDP?
You must enable both the transmitting and receiving of LLDP packets on interfaces.
What IOS commands are used to enable the transmission of LLDP packets on interface G0/1?
lldp run
interface G0/1
lldp transmit
lldp receive
end
What IOS command displays the status of LLDP?
show lldp
What IOS command shows discovered LLDP neighbors?
show lldp neighbors
What port of S2 is the local device S1 plugged into in the LLDP output?
Fa0/1
What port of the local device S1 plugs into R1 in the LLDP output?
Fa0/5
What IOS command shows full information about discovered LLDP neighbors? What important part is not displayed with just show lldp neighbors?
show lldp neighbors detail also shows the IP address of the neighboring devices.
What is the NTP protocol and what is it used for?
Network Time Protocol (NTP) is used for setting and synchronising time on devices.
Why is it not advisable to manually set the date and time on network devices?
Devices can get out of sync without using a protocol like NTP, especially after a reboot where this information is often lost.
What port and protocol does NTP use?
UDP port 123
What type of arrangement system does NTP use?
A hierarchical system of time sources.
What IOS command displays the date and time on the device and whether this was set manually or via NTP?
show clock detail
What IOS command is used to configure NTP and set the authoritative server?
ntp server <ip-address>
What IOS command is used to show where NTP information is being synchronised from?
show ntp status
In NTP what is a stratum? What is stratum 0, 1, 2 and 16?
A stratum is the administrative distance between a GPS or atomic clock.
- Clocks are at stratum 0.
- Stratum 1 would be a device like a router directly synchronised with a clock.
- Stratum 2 would be a device connected to that router and so on up to 15 ‘hops’ away from the clock.
- Stratum 16 is ‘unsynchronised’.
What sorts of devices does SNMP allow an administrator to manage?
Network Infrastructure Devices:
- Routers
- Switches
- Firewalls and security devices
- Load balancers
Servers:
- Windows, UNIX and Linux servers
- Virtual machines and their hosts
Wireless and IoT Devices:
- Access points
- IP cameras
- Smart sensors and automation systems
Peripherals and Storage Devices
- Network printers, scanners and copiers
- NAS
- SAN
Environmental Devices:
- UPS
- HVAC systems
- Temperature and humidity sensors
VoIP
- IP phones
- VoIP gateways
What three elements is the SNMP system made of?
- SNMP manager
- SNMP agents (managed node)
- Management Information Base (MIB)
What is an SNMP manager?
Part of the Network Management System (NMS), it runs the management software, such as PRTG or SolarWinds.
What is an SNMP agent?
A managed node device that collects information about itself that can be retrieved by an SNMP manager, such as a router.
What is the Management Information Base (MIB)?
The place where information is stored locally by a managed node for retrieval by an SNMP manager.
What are the two primary SNMP manager requests?
get and set
What is an SNMP set request and what are some examples of what it might be used for?
It is used to set variables on a managed node, or initiate actions such as a reboot.
What is an SNMP get request and what are some examples of what it might be used for?
It is used to query a device for data, such as its uptime, or what interfaces are currently up/up.
What is an SNMP Agent Trap and why might it be used?
SNMP Agent Traps are unsolicited alerts sent from a managed device to the SNMP manager, providing immediate notifications of critical events like failed authentication attempts or network failures. They bypass the delay of periodic polling, ensuring faster issue detection.
Which SNMP version authenticates the source of management messages?
Version 3
Which SNMP version does not provide encrypted management messages?
Version 2
Which SNMP version is supported by Cisco IOS software?
Version 1, 2 and 3 - although 1 is considered obsolete.
Which SNMP version uses community-based forms of security?
Version 2
Which SNMP version is used for interoperability and includes message integrity reporting?
Version 3
Which SNMP version provides services for security models?
Version 2 and 3
Which SNMP version includes expanded error codes with types?
Version 2 introduced them (and is the answer Cisco wants) but really both Version 2 and Version 3 include them…
Why do most organisations only use SNMPv1 and SNMPv2 in read-only ro mode?
Because both use plaintext community strings as passwords, which is vulnerable to packet sniffing and man-in-the-middle attacks.
Fill in the blank: SNMP can be used to observe CPU utilisation over time by _______.
An NMS polling devices and creating a graph.
What are the three primary functions of the syslog service?
- The ability to gather logging information for monitoring and troubleshooting
- The ability to select the type of logging information that is captured
- The ability to specify the destinations of captured syslog messages
What is syslog severity level 0?
Emergency - System Unusable
What syslog severity level is for Debugging?
Level 7
What is the default format of syslog messages on Cisco IOS software in the format %<x>-<y>-<z>: <a>?
%facility-severity-MNEMONIC: description
In the sample output of a Cisco IOS syslog message what is the MNEMONIC?
UPDOWN
In the sample output of a Cisco IOS syslog message what is the facility?
LINK
In the sample output of a Cisco IOS syslog message what is the severity?
3 (meaning Level 3 - Error)
What command configures Cisco IOS devices to display the timestamp on syslog messages?
service timestamps log datetime
What are two reasons for an administrator to issue the copy running-config tftp command on a switch or router?
- To save the running configuration file to a remote location.
- To transfer the current configuration file to a server.
What information can be gathered about a neighbor device from the show cdp neighbors detail command that cannot be found with the show cdp neighbors command?
The IP address of the neighbor.
When SNMPv1 or SNMPv2 is being used, which feature provides secure access to MIB objects?
Community strings
What command must be issued on a Cisco router that will serve as an authoritative NTP server?
ntp master 1
Which protocol or service can be configured to send unsolicited messages to alert the network administrator about a network event such as an extremely high CPU utilization on a router?
SNMP
True or False: Severity level 0 is the most critical severity level.
True
What is an SNMP management agent?
Software that is installed on devices managed by SNMP
SNMP read-only community strings can be used to do what on an SNMP-enabled device?
To get information from the device
A network administrator issues the copy tftp running-config command on a router. What is the administrator trying to achieve?
Copy the configuration file from the TFTP server to the RAM of the router
The OIDs of the MIB are in what sort of structure?
Hierarchical
If the command R1# copy startup-config tftp was issued, where is the data that is being saved and where is it being saved to?
It is the config stored in NVRAM and it is being saved to a TFTP server.
Which command would a network engineer use to restore the IOS image c1900-universalk9-mz.SPA.152-4.M3.bin to a router?
copy tftp: flash0:
Why would a network administrator issue the show cdp neighbors command on a router?
To display device ID and other information about directly connected Cisco devices
What are SNMP trap messages?
Unsolicited messages that are sent by the SNMP agent and alert the NMS to a condition on the network
What configuration scenario would offer the most protection to SNMP get and set messages?
SNMPv3 configured with the auth security level