SNMP Flashcards

1
Q

Application layer management protocol that supports message exchange

A

SNMP (Simple Network Management Protocol)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What three components are SNMP broken down into?

A

MIB (Management Information Base)

SNMP Agent

SNMP Manager

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Virtual information storage collection that contains collections of managed objects

A

MIB

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Runs directly on the managed device and collects all device information and translates it into a compatible SNMP format according to the MIB

A

SNMP Agent

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Periodically polls SNMP agents on managed devices and queries the device for the data

A

SNMP Manager

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Where do routers and all other network devices store statistics about the information of the processes and interfaces?

A

locally

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the function of the SNMP manager?

A

Polls SNMP agents

Queries devices for data

Set thresholds to trigger alarms

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What operation will get the information from the MIB to the SNMP Agent?

A

Get

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What operation will get the next MIB object to the SNMP Agent?

A

Get-next

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What operation allows a management application to retrieve a large section of the table at once?

A

Get-bulk

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What operation is used to get information to the MIB from an SNMP manager? (Set values of the MIB)

A

Set

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

The SNMP Agent uses this operation to send triggered pieces of information to the SNMP Manager

A

Trap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What operation adds an acknowledgement that the Trap doesn’t provide?

A

Inform

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What is a community?

A

password, plain-text string

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the three types of communities?

A

Read-only

Read-write

Trap

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Allows any SNMP application to gain access to the management information of the device?

A

Community string

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What are the key security features of SNMPv3?

A

Hashing algorithms

Packet encryption

Individual passwords

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are the three levels of security in SNMPv3?

A

No authentication, no encryption (noAuthNoPriv) Authentication, but no encryption (authNoPriv) Authentication and encryption (authPriv)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What command sets the system contact string?

A

snmp-server contact [contact name]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What command sets the system location string?

A

snmp-server location [location]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What command defines the community access string with a read-only or read-write privilege?

A

snmp-server community [string] (ro/rw)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Gives read access to authorized management stations to all objects in the MIB, except the community strings, but it does not allow write access.

A

Read-only

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Gives read and write access to authorized management stations to all objects in the MIB, but it does not allow access to the community strings.

A

Read-write

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

How does the SNMP system get its name?

A

Automatically inherits the hostname

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What command would define "Cisco1" as a read only community string?
snmp-server community Cisco1 ro
26
What command defines SRV1 (10.1.1.10) as the SNMP destination for the traps that R1 generates? Specify Cisco3 as the community string to be included in the traps
snmp-server host 10.1.1.10 Cisco3
27
What command displays community access strings?
show snmp community
28
What command displays SNMP system location string?
show snmp location
29
What command displays SNMP system contact information?
show snmp contact
30
What command displays the SNMP host details?
show snmp host
31
What command would configure SNMPv2 for read-only access using the community string of "not\_public" on a router?
snmp-server community not\_public ro
32
What command allows you to enable the correct location information for SNMP for the respective router hostname and OSPF area of the HQ router (HQ-OSPF0)?
snmp-server location HQ-OSPF0
33
What SNMP configuration command requires a contact of "support@CCS.com"
snmp-server contact support@CCS.com
34
What SNMP command defines the Network Management Station (172.16.100.10) as the SNMP destination for traps that are generated by the HQ router with the community string "log\_CCS" to be included in the traps?
snmp-server host 172.16.100.10 log\_CCS
35
You want to configure SNMPv3 to use encrypted authentication. What security level should be configured?
authPriv
36
What command will configure a router to send SNMP traps to the host at 192.168.51.50 by using SNMPv3 with username BOSON?
snmp-server host 192.168.51.50 traps version 3 private BOSON
37
What commands would ensure that only critical DPS traps are sent to the SNMP server?
snmp-server host host1 snmp-server enable traps alarms 1 snmp-server enable traps dsp
38
What are the four alarm security levels?
Critical Major Minor Informational
39
If no security level is defined when traps are enabled, what is the default level?
4
40
You modify the engine ID on an SNMPv3 agent that is configured with three remote SNMPv3 users. One of the users leaves the company. Your supervisor asks you to remove the user's account. What should you do?
Reconfigure SNMP
41
If you modify the engine ID after creating users, will you be able to remove existing users?
No
42
At which security level does SNMPv3 use CBC-DES to encrypt authentication?
authPriv
43
Without additional parameters, the snmp-server enable traps command does what?
configures Cisco device to send all SNMP notifications
44
What SNMP version does not include a bulk retrieval tool?
SNMPv1
45
How does SNMPv3 use HMAC-SHA or HMAC-MD5?
as authentication hashes at the authNoPriv security level as authentication hashes at the authPriv security level
46
What encryption standards can be used during the authentication process at the authPriv security level?
Data Encryption Standard (DES) Triple DES (3DES) Advanced Encryption Standard (AES)
47
What security level authenticates by matching the user name in clear text?
noAuthNoPriv
48
What security levels authenticate by matching a hash of the user name?
authNoPriv authPriv
49
What version of SNMP authenticates by matching a user name to authenticate?
SNMPv3
50
What versions of SNMP authenticate by matching a clear-text community string?
SNMPv1 SNMPv2C
51
A Network Management Station (NMS) is using SNMP to manage some Cisco routers and switches with SNMPv2c. How does the SNMP agent on a router authenticates any SNMP Get requests received from the NMS?
Using either the read-write or read-only community string
52
A router has been configured with the global command snmp-server community (textvalue1) RO (textvalue2). What does this command mean?
The router’s read-only community is textvalue1 The router filters incoming SNMP messages using IPv4 ACL textvalue2
53
What command primarily lists snmp counters and status information, instead of configuration settings?
show snmp
54
The first SNMP version to support user and group identification in its authentication security model
SNMPv3
55
Before SNMPv3 users can be configured, what must you first configure?
- SNMPv3 group that maps users to views - IP address or port number for remote SNMP agent where the user is configured - SNMP engine ID
56
What command configures the SNMP engine ID?
snmp-server engineID
57
What SNMP versions use community strings to provide authentication?
SNMPv1 SNMPv2
58
Database of variables that make up the parameters, status, and counters for the operations of the device.
Management Information Base
59
The NMS sends SNMP ____ messages to write variables on the SNMP agent as a means to change the configuration of the device.
Set
60
To be proactive, administrator can set _____ for certain key variables, telling the NMS to send a notification (email, text, and so on) when this is passed.
threshold
61
What two types of SNMP messages can be used by the SNMP agent to send a message to the NMS listing the state of certain MIB variables when those variables reach a certain state.
inform trap
62
What type of SNMP message uses UDP and has built in application layer reliability?
inform NMS must acknowledge receipt of the Inform or the SNMP agent will time out and resend the Inform
63
The Management Information Base (MIB) defines each variable as an \_\_\_\_.
Object ID (OID)
64
How does the MIB organize variables?
Into a hierarchy or OIDs
65
What is Cisco Prime an example of?
NMS (Network Management System)
66
This mechanism, applied to all SNMPv3 messages, confirms whether or not each message has been changed during transit.
Message integrity
67
An optional feature that adds authentication with both a username and password, with the password never sent as clear text. Instead it uses a hashing method like many other modern authentication processes.
Authentication
68
An optional feature that encrypts the contents of SNMPv3 messages so that attackers who intercept the messages cannot read their contents.
Encryption
69
Which version of SNMP first allowed user-based access?
SNMPv3
70
Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.) A. SNMPv3 enhanced SNMPv2 security features. B. SNMPv3 added the Inform protocol message to SNMP. C. SNMPv2 added the Inform protocol message to SNMP. D. SNMPv3 added the GetBulk protocol messages to SNMP. E. SNMPv2 added the GetBulk protocol message to SNMP. F. SNMPv2 added the GetNext protocol message to SNMP.
A. SNMPv3 enhanced SNMPv2 security features. C. SNMPv2 added the Inform protocol message to SNMP. E. SNMPv2 added the GetBulk protocol message to SNMP.
71
What authentication type is used by SNMPv2? A. HMAC-MD5 B. HMAC-SHA C. CBC-DES D. community strings
D. community strings
72
What SNMP message alerts the manager to a condition on the network? A. response B. get C. trap D. capture
C. trap
73
What are three components that comprise the SNMP framework? (Choose three.) A. MIB B. agent C. set D. AES E. supervisor F. manager
A. MIB B. agent F. manager
74
Which three features are added in SNMPv3 over SNMPv2? A. Message Integrity B. Compression C. Authentication D. Encryption E. Error Detection
A. Message Integrity C. Authentication D. Encryption
75
What is the alert message generated by SNMP agents called ? A. TRAP B. INFORM C. GET D. SET
A. TRAP B. INFORM
76
Which protocol can cause overload on a CPU of a managed device? A. Netflow B. WCCP C. IP SLA D. SNMP
D. SNMP
77
Refer to the exhibit. What is the cause of the Syslog output messages? A. The EIGRP neighbor on Fa0/1 went down due to a failed link. B. The EIGRP neighbor connected to Fa0/1 is participating in a different EIGRP process, causing the adjacency to go down. C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down. D. Interface Fa0/1 has become error disabled, causing the EIGRP adjacency to go down.
C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down.
78
What command instructs the device to timestamp Syslog debug messages in milliseconds? A. service timestamps log datetime localtime B. service timestamps debug datetime msec C. service timestamps debug datetime localtime D. service timestamps log datetime msec
B. service timestamps debug datetime msec
79
What is the default Syslog facility level? A. local4 B. local5 C. local6 D. local7
D. local7
80
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.) A. informational B. emergency C. warning D. critical E. debug F. error
B. emergency D. critical F. error
81
Which three statements about Syslog utilization are true? (Choose three.) A. Utilizing Syslog improves network performance. B. The Syslog server automatically notifies the network administrator of network problems. C. A Syslog server provides the storage space necessary to store log files without using router disk space. D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages. E. Enabling Syslog on a router automatically enables NTP for accurate time stamping. F. A Syslog server helps in aggregation of logs and alerts.
C. A Syslog server provides the storage space necessary to store log files without using router disk space. D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages. F. A Syslog server helps in aggregation of logs and alerts.
82
Syslog was configured with a level 3 trap. Which 3 types of logs would be generated (choose three) A. Emergencies B. Alerts C. Critical D. Errors E. Warnings
A. Emergencies B. Alerts C. Critical
83
What are the Popular destinations for syslog messages to be saved? A. Flash B. The logging buffer .RAM C. The console terminal D. Other terminals E. Syslog server
B. The logging buffer .RAM C. The console terminal E. Syslog server
84
Which three are the components of SNMP? (Choose three) A. MIB B. SNMP Manager C. SysLog Server D. SNMP Agent E. Set
A. MIB B. SNMP Manager D. SNMP Agent
85
What is the first step you perform to configure an SNMPv3 user? A. Configure server traps. B. Configure the server group. C. Configure the server host. D. Configure the remote engine ID.
B. Configure the server group.