SNMP Flashcards
Application layer management protocol that supports message exchange
SNMP (Simple Network Management Protocol)
What three components are SNMP broken down into?
MIB (Management Information Base)
SNMP Agent
SNMP Manager
Virtual information storage collection that contains collections of managed objects
MIB
Runs directly on the managed device and collects all device information and translates it into a compatible SNMP format according to the MIB
SNMP Agent
Periodically polls SNMP agents on managed devices and queries the device for the data
SNMP Manager
Where do routers and all other network devices store statistics about the information of the processes and interfaces?
locally
What is the function of the SNMP manager?
Polls SNMP agents
Queries devices for data
Set thresholds to trigger alarms
What operation will get the information from the MIB to the SNMP Agent?
Get
What operation will get the next MIB object to the SNMP Agent?
Get-next
What operation allows a management application to retrieve a large section of the table at once?
Get-bulk
What operation is used to get information to the MIB from an SNMP manager? (Set values of the MIB)
Set
The SNMP Agent uses this operation to send triggered pieces of information to the SNMP Manager
Trap
What operation adds an acknowledgement that the Trap doesn’t provide?
Inform
What is a community?
password, plain-text string
What are the three types of communities?
Read-only
Read-write
Trap
Allows any SNMP application to gain access to the management information of the device?
Community string
What are the key security features of SNMPv3?
Hashing algorithms
Packet encryption
Individual passwords
What are the three levels of security in SNMPv3?
No authentication, no encryption (noAuthNoPriv) Authentication, but no encryption (authNoPriv) Authentication and encryption (authPriv)
What command sets the system contact string?
snmp-server contact [contact name]
What command sets the system location string?
snmp-server location [location]
What command defines the community access string with a read-only or read-write privilege?
snmp-server community [string] (ro/rw)
Gives read access to authorized management stations to all objects in the MIB, except the community strings, but it does not allow write access.
Read-only
Gives read and write access to authorized management stations to all objects in the MIB, but it does not allow access to the community strings.
Read-write
How does the SNMP system get its name?
Automatically inherits the hostname
What command would define “Cisco1” as a read only community string?
snmp-server community Cisco1 ro
What command defines SRV1 (10.1.1.10) as the SNMP destination for the traps that R1 generates? Specify Cisco3 as the community string to be included in the traps
snmp-server host 10.1.1.10 Cisco3
What command displays community access strings?
show snmp community
What command displays SNMP system location string?
show snmp location
What command displays SNMP system contact information?
show snmp contact
What command displays the SNMP host details?
show snmp host
What command would configure SNMPv2 for read-only access using the community string of “not_public” on a router?
snmp-server community not_public ro
What command allows you to enable the correct location information for SNMP for the respective router hostname and OSPF area of the HQ router (HQ-OSPF0)?
snmp-server location HQ-OSPF0
What SNMP configuration command requires a contact of “support@CCS.com”
snmp-server contact support@CCS.com
What SNMP command defines the Network Management Station (172.16.100.10) as the SNMP destination for traps that are generated by the HQ router with the community string “log_CCS” to be included in the traps?
snmp-server host 172.16.100.10 log_CCS
You want to configure SNMPv3 to use encrypted authentication. What security level should be configured?
authPriv
What command will configure a router to send SNMP traps to the host at 192.168.51.50 by using SNMPv3 with username BOSON?
snmp-server host 192.168.51.50 traps version 3 private BOSON
What commands would ensure that only critical DPS traps are sent to the SNMP server?
snmp-server host host1 snmp-server enable traps alarms 1 snmp-server enable traps dsp
What are the four alarm security levels?
Critical
Major
Minor
Informational
If no security level is defined when traps are enabled, what is the default level?
4
You modify the engine ID on an SNMPv3 agent that is configured with three remote SNMPv3 users. One of the users leaves the company. Your supervisor asks you to remove the user’s account. What should you do?
Reconfigure SNMP
If you modify the engine ID after creating users, will you be able to remove existing users?
No
At which security level does SNMPv3 use CBC-DES to encrypt authentication?
authPriv
Without additional parameters, the snmp-server enable traps command does what?
configures Cisco device to send all SNMP notifications
What SNMP version does not include a bulk retrieval tool?
SNMPv1
How does SNMPv3 use HMAC-SHA or HMAC-MD5?
as authentication hashes at the authNoPriv security level as authentication hashes at the authPriv security level
What encryption standards can be used during the authentication process at the authPriv security level?
Data Encryption Standard (DES) Triple DES (3DES) Advanced Encryption Standard (AES)
What security level authenticates by matching the user name in clear text?
noAuthNoPriv
What security levels authenticate by matching a hash of the user name?
authNoPriv
authPriv
What version of SNMP authenticates by matching a user name to authenticate?
SNMPv3
What versions of SNMP authenticate by matching a clear-text community string?
SNMPv1
SNMPv2C
A Network Management Station (NMS) is using SNMP to manage some Cisco routers and switches with SNMPv2c. How does the SNMP agent on a router authenticates any SNMP Get requests received from the NMS?
Using either the read-write or read-only community string
A router has been configured with the global command snmp-server community (textvalue1) RO (textvalue2). What does this command mean?
The router’s read-only community is textvalue1
The router filters incoming SNMP messages using IPv4 ACL textvalue2
What command primarily lists snmp counters and status information, instead of configuration settings?
show snmp
The first SNMP version to support user and group identification in its authentication security model
SNMPv3
Before SNMPv3 users can be configured, what must you first configure?
- SNMPv3 group that maps users to views
- IP address or port number for remote SNMP agent where the user is configured
- SNMP engine ID
What command configures the SNMP engine ID?
snmp-server engineID
What SNMP versions use community strings to provide authentication?
SNMPv1
SNMPv2
Database of variables that make up the parameters, status, and counters for the operations of the device.
Management Information Base
The NMS sends SNMP ____ messages to write variables on the SNMP agent as a means to change the configuration of the device.
Set
To be proactive, administrator can set _____ for certain key variables, telling the NMS to send a notification (email, text, and so on) when this is passed.
threshold
What two types of SNMP messages can be used by the SNMP agent to send a message to the NMS listing the state of certain MIB variables when those variables reach a certain state.
inform
trap
What type of SNMP message uses UDP and has built in application layer reliability?
inform NMS must acknowledge receipt of the Inform or the SNMP agent will time out and resend the Inform
The Management Information Base (MIB) defines each variable as an ____.
Object ID (OID)
How does the MIB organize variables?
Into a hierarchy or OIDs
What is Cisco Prime an example of?
NMS (Network Management System)
This mechanism, applied to all SNMPv3 messages, confirms whether or not each message has been changed during transit.
Message integrity
An optional feature that adds authentication with both a username and password, with the password never sent as clear text. Instead it uses a hashing method like many other modern authentication processes.
Authentication
An optional feature that encrypts the contents of SNMPv3 messages so that attackers who intercept the messages cannot read their contents.
Encryption
Which version of SNMP first allowed user-based access?
SNMPv3
Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three.)
A. SNMPv3 enhanced SNMPv2 security features.
B. SNMPv3 added the Inform protocol message to SNMP.
C. SNMPv2 added the Inform protocol message to SNMP.
D. SNMPv3 added the GetBulk protocol messages to SNMP.
E. SNMPv2 added the GetBulk protocol message to SNMP.
F. SNMPv2 added the GetNext protocol message to SNMP.
A. SNMPv3 enhanced SNMPv2 security features.
C. SNMPv2 added the Inform protocol message to SNMP.
E. SNMPv2 added the GetBulk protocol message to SNMP.
What authentication type is used by SNMPv2?
A. HMAC-MD5
B. HMAC-SHA
C. CBC-DES
D. community strings
D. community strings
What SNMP message alerts the manager to a condition on the network?
A. response
B. get
C. trap
D. capture
C. trap
What are three components that comprise the SNMP framework? (Choose three.)
A. MIB
B. agent
C. set
D. AES
E. supervisor
F. manager
A. MIB
B. agent
F. manager
Which three features are added in SNMPv3 over SNMPv2?
A. Message Integrity
B. Compression
C. Authentication
D. Encryption
E. Error Detection
A. Message Integrity
C. Authentication
D. Encryption
What is the alert message generated by SNMP agents called ?
A. TRAP
B. INFORM
C. GET
D. SET
A. TRAP
B. INFORM
Which protocol can cause overload on a CPU of a managed device?
A. Netflow
B. WCCP
C. IP SLA
D. SNMP
D. SNMP
Refer to the exhibit. What is the cause of the Syslog output messages?
A. The EIGRP neighbor on Fa0/1 went down due to a failed link.
B. The EIGRP neighbor connected to Fa0/1 is participating in a different EIGRP process, causing the adjacency to go down.
C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down.
D. Interface Fa0/1 has become error disabled, causing the EIGRP adjacency to go down.
C. A shut command was executed on interface Fa0/1, causing the EIGRP adjacency to go down.
What command instructs the device to timestamp Syslog debug messages in milliseconds?
A. service timestamps log datetime localtime
B. service timestamps debug datetime msec
C. service timestamps debug datetime localtime
D. service timestamps log datetime msec
B. service timestamps debug datetime msec
What is the default Syslog facility level?
A. local4
B. local5
C. local6
D. local7
D. local7
A network administrator enters the following command on a router: logging trap 3. What are three message types that will be sent to the Syslog server? (Choose three.)
A. informational
B. emergency
C. warning
D. critical
E. debug
F. error
B. emergency
D. critical
F. error
Which three statements about Syslog utilization are true? (Choose three.)
A. Utilizing Syslog improves network performance.
B. The Syslog server automatically notifies the network administrator of network problems.
C. A Syslog server provides the storage space necessary to store log files without using router disk space.
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
E. Enabling Syslog on a router automatically enables NTP for accurate time stamping.
F. A Syslog server helps in aggregation of logs and alerts.
C. A Syslog server provides the storage space necessary to store log files without using router disk space.
D. There are more Syslog messages available within Cisco IOS than there are comparable SNMP trap messages.
F. A Syslog server helps in aggregation of logs and alerts.
Syslog was configured with a level 3 trap. Which 3 types of logs would be generated (choose three)
A. Emergencies
B. Alerts
C. Critical
D. Errors
E. Warnings
A. Emergencies
B. Alerts
C. Critical
What are the Popular destinations for syslog messages to be saved?
A. Flash
B. The logging buffer .RAM
C. The console terminal
D. Other terminals
E. Syslog server
B. The logging buffer .RAM
C. The console terminal
E. Syslog server
Which three are the components of SNMP? (Choose three)
A. MIB
B. SNMP Manager
C. SysLog Server
D. SNMP Agent
E. Set
A. MIB
B. SNMP Manager
D. SNMP Agent
What is the first step you perform to configure an SNMPv3 user?
A. Configure server traps.
B. Configure the server group.
C. Configure the server host.
D. Configure the remote engine ID.
B. Configure the server group.
