Network Services - Network Monitoring Servers

Question 1

Syslog

Answer 1

Enables different appliances and software applications to transmit logs to a centralized server. It’s the defacto standard for logging events. It contains a PRI code, Header, and message.

Question 2

Old Syslog

Answer 2

Relied on UDP
Lacked security controls

Question 3

New Syslog

Answer 3

Uses TCP
Uses TLS (Transport Layer Security)
Uses MD5 and SHA1

Question 4

syslog-ng/rsyslog

Answer 4

newer versions of syslog

Question 5

Simple Network Management Protocol (SNMP)

Answer 5

TCP/IP protocol that aids in monitoring network-attached devices and computers. Broken down into 3 components

Question 6

SNMP - Managed Devices

Answer 6

Computers and other network-attached devices monitored through the use of agents by a network management system

Question 7

SNMP - Agents

Answer 7

Software that is loaded on a managed device to redirect information to the network management system

Question 8

SNMP - Network management System (NMS)

Answer 8

Software running on one or more servers to control the monitoring of network-attached devices and computers

Question 9

In-band

Answer 9

Management data is sent over the same network that carries your corporate information and normal data

Question 10

out-of-band

Answer 10

Secondary network where all the management occurs. Has a primary in band network where all the data that the user is gonna get occurs. Management should be conducted on an out-of-band network to increase security