SNMP

Question 1

Application layer management protocol that supports message exchange

Answer 1

SNMP (Simple Network Management Protocol)

Question 2

What three components are SNMP broken down into?

Answer 2

MIB (Management Information Base)

SNMP Agent

SNMP Manager

Question 3

Virtual information storage collection that contains collections of managed objects

Answer 3

MIB

Question 4

Runs directly on the managed device and collects all device information and translates it into a compatible SNMP format according to the MIB

Answer 4

SNMP Agent

Question 5

Periodically polls SNMP agents on managed devices and queries the device for the data

Answer 5

SNMP Manager

Question 6

Where do routers and all other network devices store statistics about the information of the processes and interfaces?

Answer 6

locally

Question 7

What is the function of the SNMP manager?

Answer 7

Polls SNMP agents

Queries devices for data

Set thresholds to trigger alarms

Question 8

What operation will get the information from the MIB to the SNMP Agent?

Answer 8

Get

Question 9

What operation will get the next MIB object to the SNMP Agent?

Answer 9

Get-next

Question 10

What operation allows a management application to retrieve a large section of the table at once?

Answer 10

Get-bulk

Question 11

What operation is used to get information to the MIB from an SNMP manager? (Set values of the MIB)

Answer 11

Set

Question 12

The SNMP Agent uses this operation to send triggered pieces of information to the SNMP Manager

Answer 12

Trap

Question 13

What operation adds an acknowledgement that the Trap doesn’t provide?

Answer 13

Inform

Question 14

What is a community?

Answer 14

password, plain-text string

Question 15

What are the three types of communities?

Answer 15

Read-only

Read-write

Trap

Question 16

Allows any SNMP application to gain access to the management information of the device?

Answer 16

Community string

Question 17

What are the key security features of SNMPv3?

Answer 17

Hashing algorithms

Packet encryption

Individual passwords

Question 18

What are the three levels of security in SNMPv3?

Answer 18

No authentication, no encryption (noAuthNoPriv) Authentication, but no encryption (authNoPriv) Authentication and encryption (authPriv)

Question 19

What command sets the system contact string?

Answer 19

snmp-server contact [contact name]

Question 20

What command sets the system location string?

Answer 20

snmp-server location [location]

Question 21

What command defines the community access string with a read-only or read-write privilege?

Answer 21

snmp-server community [string] (ro/rw)

Question 22

Gives read access to authorized management stations to all objects in the MIB, except the community strings, but it does not allow write access.

Answer 22

Read-only

Question 23

Gives read and write access to authorized management stations to all objects in the MIB, but it does not allow access to the community strings.

Answer 23

Read-write

Question 24

How does the SNMP system get its name?

Answer 24

Automatically inherits the hostname

Question 25

What command would define “Cisco1” as a read only community string?

Answer 25

snmp-server community Cisco1 ro

Question 26

What command defines SRV1 (10.1.1.10) as the SNMP destination for the traps that R1 generates? Specify Cisco3 as the community string to be included in the traps

Answer 26

snmp-server host 10.1.1.10 Cisco3

Question 27

What command displays community access strings?

Answer 27

show snmp community

Question 28

What command displays SNMP system location string?

Answer 28

show snmp location

Question 29

What command displays SNMP system contact information?

Answer 29

show snmp contact

Question 30

What command displays the SNMP host details?

Answer 30

show snmp host

Question 31

What command would configure SNMPv2 for read-only access using the community string of “not_public” on a router?

Answer 31

snmp-server community not_public ro

Question 32

What command allows you to enable the correct location information for SNMP for the respective router hostname and OSPF area of the HQ router (HQ-OSPF0)?

Answer 32

snmp-server location HQ-OSPF0

Question 33

What SNMP configuration command requires a contact of “support@CCS.com”

Answer 33

snmp-server contact support@CCS.com

Question 34

What SNMP command defines the Network Management Station (172.16.100.10) as the SNMP destination for traps that are generated by the HQ router with the community string “log_CCS” to be included in the traps?

Answer 34

snmp-server host 172.16.100.10 log_CCS

Question 35

You want to configure SNMPv3 to use encrypted authentication. What security level should be configured?

Answer 35

authPriv

Question 36

What command will configure a router to send SNMP traps to the host at 192.168.51.50 by using SNMPv3 with username BOSON?

Answer 36

snmp-server host 192.168.51.50 traps version 3 private BOSON

Question 37

What commands would ensure that only critical DPS traps are sent to the SNMP server?

Answer 37

snmp-server host host1 snmp-server enable traps alarms 1 snmp-server enable traps dsp

Question 38

What are the four alarm security levels?

Answer 38

Critical

Major

Minor

Informational

Question 39

If no security level is defined when traps are enabled, what is the default level?

Answer 39

4

Question 40

You modify the engine ID on an SNMPv3 agent that is configured with three remote SNMPv3 users. One of the users leaves the company. Your supervisor asks you to remove the user’s account. What should you do?

Answer 40

Reconfigure SNMP

Question 41

If you modify the engine ID after creating users, will you be able to remove existing users?

Answer 41

No

Question 42

At which security level does SNMPv3 use CBC-DES to encrypt authentication?

Answer 42

authPriv

Question 43

Without additional parameters, the snmp-server enable traps command does what?

Answer 43

configures Cisco device to send all SNMP notifications

Question 44

What SNMP version does not include a bulk retrieval tool?

Answer 44

SNMPv1

Question 45

How does SNMPv3 use HMAC-SHA or HMAC-MD5?

Answer 45

as authentication hashes at the authNoPriv security level as authentication hashes at the authPriv security level

Question 46

What encryption standards can be used during the authentication process at the authPriv security level?

Answer 46

Data Encryption Standard (DES) Triple DES (3DES) Advanced Encryption Standard (AES)

Question 47

What security level authenticates by matching the user name in clear text?

Answer 47

noAuthNoPriv

Question 48

What security levels authenticate by matching a hash of the user name?

Answer 48

authNoPriv

authPriv

Question 49

What version of SNMP authenticates by matching a user name to authenticate?

Answer 49

SNMPv3

Question 50

What versions of SNMP authenticate by matching a clear-text community string?

Answer 50

SNMPv1

SNMPv2C

Question 51

A Network Management Station (NMS) is using SNMP to manage some Cisco routers and switches with SNMPv2c. How does the SNMP agent on a router authenticates any SNMP Get requests received from the NMS?

Answer 51

Using either the read-write or read-only community string

Question 52

A router has been configured with the global command snmp-server community (textvalue1) RO (textvalue2). What does this command mean?

Answer 52

The router’s read-only community is textvalue1

The router filters incoming SNMP messages using IPv4 ACL textvalue2

Question 53

What command primarily lists snmp counters and status information, instead of configuration settings?

Answer 53

show snmp

Question 54

The first SNMP version to support user and group identification in its authentication security model

Answer 54

SNMPv3

Question 55

Before SNMPv3 users can be configured, what must you first configure?

Answer 55

• SNMPv3 group that maps users to views
• IP address or port number for remote SNMP agent where the user is configured
• SNMP engine ID

Question 56

What command configures the SNMP engine ID?

Answer 56

snmp-server engineID

Question 57

What SNMP versions use community strings to provide authentication?

Answer 57

SNMPv1

SNMPv2

Question 58

Database of variables that make up the parameters, status, and counters for the operations of the device.

Answer 58

Management Information Base

Question 59

The NMS sends SNMP ____ messages to write variables on the SNMP agent as a means to change the configuration of the device.

Answer 59

Set

Question 60

To be proactive, administrator can set _____ for certain key variables, telling the NMS to send a notification (email, text, and so on) when this is passed.

Answer 60

threshold

Question 61

What two types of SNMP messages can be used by the SNMP agent to send a message to the NMS listing the state of certain MIB variables when those variables reach a certain state.

Answer 61

inform

trap

Question 62

What type of SNMP message uses UDP and has built in application layer reliability?

Answer 62

inform NMS must acknowledge receipt of the Inform or the SNMP agent will time out and resend the Inform

Question 63

The Management Information Base (MIB) defines each variable as an ____.

Answer 63

Object ID (OID)

Question 64

How does the MIB organize variables?

Answer 64

Into a hierarchy or OIDs

Question 65

What is Cisco Prime an example of?

Answer 65

NMS (Network Management System)

Question 66

This mechanism, applied to all SNMPv3 messages, confirms whether or not each message has been changed during transit.

Answer 66

Message integrity

Question 67

An optional feature that adds authentication with both a username and password, with the password never sent as clear text. Instead it uses a hashing method like many other modern authentication processes.

Answer 67

Authentication

Question 68

An optional feature that encrypts the contents of SNMPv3 messages so that attackers who intercept the messages cannot read their contents.

Answer 68

Encryption

Question 69

Which version of SNMP first allowed user-based access?

Answer 69

SNMPv3

Question 70

Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.)

A. SNMPv3 enhanced SNMPv2 security features.
B. SNMPv3 added the Inform protocol message to SNMP.
C. SNMPv2 added the Inform protocol message to SNMP.
D. SNMPv3 added the GetBulk protocol messages to SNMP.
E. SNMPv2 added the GetBulk protocol message to SNMP.
F. SNMPv2 added the GetNext protocol message to SNMP.

Answer 70

A. SNMPv3 enhanced SNMPv2 security features.

C. SNMPv2 added the Inform protocol message to SNMP.

E. SNMPv2 added the GetBulk protocol message to SNMP.

Question 71

What authentication type is used by SNMPv2?

A. HMAC-MD5
B. HMAC-SHA
C. CBC-DES
D. community strings

Answer 71

D. community strings

Question 72

What SNMP message alerts the manager to a condition on the network?

A. response
B. get
C. trap
D. capture

Answer 72

C. trap

Question 73

What are three components that comprise the SNMP framework? (Choose three.)

A. MIB
B. agent
C. set
D. AES
E. supervisor
F. manager

Answer 73

A. MIB

B. agent

F. manager

Question 74

Which three features are added in SNMPv3 over SNMPv2?

A. Message Integrity
B. Compression
C. Authentication
D. Encryption
E. Error Detection

Answer 74

A. Message Integrity

C. Authentication

D. Encryption

Question 75

What is the alert message generated by SNMP agents called ?

A. TRAP
B. INFORM
C. GET
D. SET

Answer 75

A. TRAP
B. INFORM

Question 76

Which protocol can cause overload on a CPU of a managed device?

A. Netflow
B. WCCP
C. IP SLA
D. SNMP

Answer 76

D. SNMP

Question 77

Refer to the exhibit. What is the cause of the Syslog output messages?

A. The EIGRP neighbor on Fa0/1 went down due to a failed link.
B. The EIGRP neighbor connected to Fa0/1 is participating in a different EIGRP process, causing the adjacency to go down.
C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down.
D. Interface Fa0/1 has become error disabled, causing the EIGRP adjacency to go down.

Answer 77

C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down.

Question 78

What command instructs the device to timestamp Syslog debug messages in milliseconds?

A. service timestamps log datetime localtime
B. service timestamps debug datetime msec
C. service timestamps debug datetime localtime
D. service timestamps log datetime msec

Answer 78

B. service timestamps debug datetime msec

Question 79

What is the default Syslog facility level?

A. local4
B. local5
C. local6
D. local7

Answer 79

D. local7

Question 80

A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)

A. informational
B. emergency
C. warning
D. critical
E. debug
F. error

Answer 80

B. emergency

D. critical

F. error

Question 81

Which three statements about Syslog utilization are true? (Choose three.)

A. Utilizing Syslog improves network performance.
B. The Syslog server automatically notifies the network administrator of network problems.
C. A Syslog server provides the storage space necessary to store log files without using router disk space.
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
E. Enabling Syslog on a router automatically enables NTP for accurate time stamping.
F. A Syslog server helps in aggregation of logs and alerts.

Answer 81

C. A Syslog server provides the storage space necessary to store log files without using router disk space.

D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.

F. A Syslog server helps in aggregation of logs and alerts.

Question 82

Syslog was configured with a level 3 trap. Which 3 types of logs would be generated (choose three)

A. Emergencies
B. Alerts
C. Critical
D. Errors
E. Warnings

Answer 82

A. Emergencies
B. Alerts
C. Critical

Question 83

What are the Popular destinations for syslog messages to be saved?

A. Flash
B. The logging buffer .RAM
C. The console terminal
D. Other terminals
E. Syslog server

Answer 83

B. The logging buffer .RAM

C. The console terminal

E. Syslog server

Question 84

Which three are the components of SNMP? (Choose three)

A. MIB
B. SNMP Manager
C. SysLog Server
D. SNMP Agent
E. Set

Answer 84

A. MIB

B. SNMP Manager

D. SNMP Agent

Question 85

What is the first step you perform to configure an SNMPv3 user?

A. Configure server traps.
B. Configure the server group.
C. Configure the server host.
D. Configure the remote engine ID.

Answer 85

B. Configure the server group.