Ch 26

Question 1

Can an SNMP agent initiate communications with an SNMP manager?

Answer 1

yes

Question 2

What is the difference between a trap and an inform?

Answer 2

An inform has to be acknowledged by the SNMP manager or it will send it again. A trap does not.

Question 3

Which community string is required for a ‘get’?

Answer 3

RO or RW

Question 4

In SNMPv3 what kind of security protocols are supported for authentication?

Answer 4

Hash algorithms of SHA or MD5

Question 5

Which ‘show’ command primarily lists counters and status info rather than configuration information?

Answer 5

show snmp

Question 6

Can more than one source port be included in a single SPAN session?

Answer 6

yes

Question 7

Can a SPAN source include a switchport and a VLAN?

Answer 7

No

Question 8

What is the default state of SNMP on a new device?

Answer 8

SNMP is disabled

Question 9

How do you enable SNMPv2c?

Answer 9

Once the first ‘snmp-server’ command is entered SNMP becomes enabled

Question 10

How do you disable SNMPv2c?

Answer 10

no snmp-server

Question 11

What is the command to enable RO SNMP along with an IPv6 ACL?

Answer 11

snmp-server community (string) ipv6 (acl_name)

Question 12

What are the two commands needed to enable traps?

Answer 12

• snmp-server host 172.19.26.86 version 2c (community) * snmp-server enable traps

Question 13

What are the two commands needed to enable informs?

Answer 13

• snmp-server host 172.19.26.86 informs version 2c (community) * snmp-server enable traps

Question 14

What ‘show’ command repeats the community strings?

Answer 14

show snmp-server community

Question 15

What ‘show’ command lists the IP or hostname of the NMS?

Answer 15

show snmp-server host

Question 16

In SNMPv3 what does the command ‘snmp-server group’ do?

Answer 16

It contains the security settings for a group of users

Question 17

In SNMPv3 what does the command ‘snmp-server user’ do?

Answer 17

creates an SNMP user and associates the user with the Group

Question 18

In SNMPv3 what does the keyword ‘noauth’ do?

Answer 18

• checks message integrity * no authentication * no encryption

Question 19

In SNMPv3 what does the keyword ‘auth’ do?

Answer 19

• checks message integrity * performs authentication * no encryption

Question 20

In SNMPv3 what does the keyword ‘priv’ do?

Answer 20

• checks message integrity * performs authentication * performs encryption

Question 21

In SNMPv3 what command creates a group that requires authentication, is read-only, and has an ACL of SNMP_ACL?

Answer 21

snmp-server group myROgroup v3 auth access SNMP_ACL

Question 22

In SNMPv3 what command creates a group that requires authentication, encryption, is read-write and has an ACL of SNMP_ACL?

Answer 22

snmp-server group myRWgroup v3 priv write default1 access SNMP_ACL

Question 23

In SNMPv3 what encryption algorithms are supported?

Answer 23

DES, 3DES, AES

Question 24

In SNMPv3 what is the command to create a user who is a member of the myROgroup and uses MD5 password encryption?

Answer 24

snmp-server user myuser myROgroup v3 auth md5 AuthPassword

Question 25

In SNMPv3 what is the command to create a user who is a member of the myRWgroup, uses SHA password hash and 3DES encryption?

Answer 25

snmp-server user myuser myRWgroup v3 priv sha AuthPassword priv 3des EncryptKey

Question 26

What are 2 methods of Hash?

Answer 26

SHA and MD5

Question 27

What are 3 methods of encryption?

Answer 27

DES, 3DES, AES

Question 28

In SNMPv3 what are the 3 items in order to set up a read-only group with no authentication?

Answer 28

• snmp-server group MyGroupName * v3 * noauth

Question 29

In SNMPv3 what are the 3 items in order to set up a user for the read-only group with no authentication?

Answer 29

• snmp-server user MyUserName * MyGroupName * v3

Question 30

In SNMPv3 what is the format of the command for creating a read-write group?

Answer 30

• snmp-server group MyGroupName * v3 * noauth | auth | priv * write default1

Question 31

In SNMPv3 what is the format of the command for creating a user for the read-write group?

Answer 31

• snmp-server user MyUserName * MyGroupName * v3 * auth md5 | sha * MyPassword * priv des | 3des| aes * myEncryptKey

Question 32

In SNMPv3 how do you add an ACL to the SNMP agent?

Answer 32

add ‘access (myACL) to the end of the ‘snmp-server group’ statement

Question 33

In SNMPv3 what two ‘show’ commands allow you to verify the SNMP config?

Answer 33

show snmp group’ and ‘show snmp user’

Question 34

In SNMPv3 what is the command to enable traps?

Answer 34

• snmp-server enable traps * snmp-server host 172.19.26.86 version 3 (auth | noauth | priv) myUserName * the noauth|auth|priv must match the setting in the group that myUserName is in

Question 35

In SNMPv3 what is the command to verify the traps or informs configuration?

Answer 35

show snmp host

Question 36

In SNMPv3 what is the command to enable informs?

Answer 36

• snmp-server enable traps * snmp-server host 172.19.26.86 informs version 3 (auth | noauth | priv) myUserName * NOTE: the noauth|auth|priv must match the setting in the group that myUserName is in

Question 37

What 3 commands are the bare minimum for configuring an IP SLA ICMP probe?

Answer 37

• ip sla 1 * icmp-echo 10.1.2.3 source-ip 11.1.2.3 * ip sla schedule 1 life forever start-time now

Question 38

What ‘show’ commands can be used with IP SLA?

Answer 38

• show ip sla summary * show ip sla statistics 1 * show ip sla history

Question 39

What is the command to reset IP SLA counters?

Answer 39

ip sla restart (op_number)