Network Services Flashcards
What protocol is used to synchronize the time on a network of machines?
Network Time Protocol (NTP)
What port does NTP use to communicate?
UDP port 123
NTP uses the concept of what to describe how many NTP hops away a machine is from an authoritative time source.
stratum
A stratum 2 server receives its time from what?
Stratum 1 server
Which level of stratum time server has a radio or atomic clock that is directly attached to it?
level 1 stratum
What command would you use to configure a client to use an NTP server?
ntp server ip-address [prefer] [source interface-id] command.
What does a NTP server do?
Provides accurate time information to clients.
What does a NTP client do?
Synchronizes its time to the server. This mode is most suited for file server and workstation clients that are not required to provide any form of time synchronization to other local clients.
What is a NTP peer?
Peers exchange time synchronization information. The peer mode is also commonly known as symmetric mode. It is intended for configurations where a group of low stratum peers operate as mutual backups for each other.
What is the most severe logging level?
Emergency (level 0)
What severity level is ALERT?
Severity 1 - Immediate action needed
What is the least severe level?
Debugging (level 7)
What severity level is WARNING?
severity 4
What severity level is INFORMATIONAL?
severity 6
What severity level is NOTIFICATION?
severity 5
How would configure a device to send log messages to a syslog server?
logging (hostname | ip address)
What SNMP component collects management data from managed devices via polling or trap messages?
SNMP Manager or NMS (Network Manager Server)
What is found on a managed network device, it locally organizes data and sends it to the manager?
SNMP Agent
Which SNMP version added a complex security model but was never widely accepted?
SNMPv2
Which SNMP version is the community standard but provides no security features besides a community string?
SNMPv2c
Which SNMP version supports authentication and encryption?
SNMPv3
What are the three components of NetFlow?
Flow Exporter, Flow Collector, Flow Analyzer
What is a flow exporter?
The router or network device in charge of collecting flow information and exporting it to a flow collector.
What is a flow collector?
A server that receives the exported flow information.
What is a flow analyzer?
An application that analyzes flow information collected by the flow collector.
What are some of the characteristics NetFlow can identify traffic flow?
Source and destination IP addresses, source and destination ports, and Differentiated Services Code Point (DSCP) or ToS markings.
What are the packet attributes in an IP flow?
IP source address, IP destination address, Source port, Destination port, Layer 3 protocol type, CoS, Router or switch interface
What is Cisco EEM?
Cisco IOS Embedded Event Manager (EEM) is a powerful and flexible tool to automate tasks and customize the behavior of Cisco IOS Software and the operation of a device.
With EEM, you can create and run programs or scripts directly on a router or switch. The scripts created are referred to as what?
EEM policies
EEM policies can programed by using which two methods?
A CLI-based interface (Applet) or a scripting language called Tool Command Interface (Tcl)
What are the two primary purpose of EEM scripts?
Assist in troubleshooting an issue and assist with a temporary workaround
What does a EEM server do?
The EEM server bridges the Cisco IOS subsystems used in the event detectors and the policies. Its primary purposes are to receive notifications from event detectors when an event of interest occurs, store the information about an event, publish events, register internal script directories, register Tcl scripts and applets, and process the actions taken by user-defined scripts.
What does a EEM detector do?
The event detectors in EEM are used to determine when an EEM event occurs. Event detectors are separate systems that provide an interface between the agent being monitored, like Simple Network Management Protocol (SNMP), and the EEM policies where an action can be implemented. The following are some examples of EEM event detectors:
What are some common EEM applet actions?
action cli: This action executes a Cisco IOS CLI command when an EEM applet is triggered.
action counter: This action sets or modifies a named counter when an EEM applet is triggered.
action decrement: This action decrements the value of a variable when an EEM applet is triggered.
action snmp-trap: This action generates an SNMP trap when an EEM applet is triggered.
action mail: This action sends a short email when an EEM applet is triggered.
action reload: This action reloads a Cisco IOS device when an EEM applet is triggered.
action syslog: This action writes a message to syslog when an EEM applet is triggered.
action put: This action enables the printing of data directly to the local tty when an EEM applet is triggered.
What are two commands you should use at the beginning of the actions in an applet because the applet assumes that the user is in EXEC mode, not privileged EXEC or config mode.
enable and configure terminal commands
What command you would use to see the actions taking place when an applet is running?
debug event manager action cli
What command would you use to show all the output for the configured actions while an applet is being executed?
debug event manager all
What command do you use to manually run an EEM applet?
event manager run applet-name
What command would you use to configure a device to act as an NTP server?
ntp master stratum-number
What does NTP use to determine the number of hops to the authoritative time source?
Stratum
What version of HSRP supports groups 0-255?
HSRPv1
What version of HSRP supports groups 0-4095?
HSRPv2
What’s the multicast address HSRPv1 uses?
224.0.0.2
What’s the multicast address HSRPv2 uses?
Multicast address is 224.0.0.102
What is the default version of HSRP?
HSRPv1
What’s the HSRP state when the device is responsible for forwarding (routing) packets that are being sent to it and responding to all ARP requests for the virtual IP address?
Active
In which HSRP state is the device not yet ready or able to participate in HSRP, possibly because the interface is not yet up.
Init or disabled
In which HSRP state the device has not determined the virtual IP address and has not yet seen an authenticated hello message from the active device. In this state, the device still waits to hear from the active device.
Learn
Which HSRP state is the device is receiving hello messages?
Listen
Which HSRP state is the device sending and receiving hello messages?
Speak
Which HSRP state is when the device is prepared to become the active device if the active device fails?
Standby
The device with the ______ priority will be the active device?
highest
If the HSRP priority is tied, what will break the tie?
The device with the higher interface IP address will become the active device.
What is the default HSRP priority?
100
What enables the HSRP router with the highest priority to immediately become the active router once it is available.
Preemption
Is HSRP preemption enabled by default?
no
What command allows you to enable preemption?
standby preemption
What are the two ways to implement HSRP authentication?
Plaintext and MD5 authentication