Chapter 20: Network Monitoring

Question 1

Simple Network Management Protocol (SNMP)

Answer 1

The network management protocol for TCP/IP.

UDP ports 161/162 or 10161/10162

Question 2

SNMP Manager

Answer 2

Requests and processes info from the managed devices

Question 3

Management Information Bases (MIB)

Answer 3

Used to categorize the data that can be queried from the managed devices.

Question 4

Extensible Protocol

Answer 4

A protocol that can be adapted to accommodate different needs.

Question 5

Protocol Data Unit (PDU)

Answer 5

Specialized type of command and control packet found in SNMP management systems.

Question 6

snmpwalk

Answer 6

Tells the SNMP manager to perform a series of Get commands

Question 7

Packet Sniffer

Answer 7

A program that queries a network interface and collects packets in a file

Question 8

Packet Analyzer

Answer 8

Analyzes the file from a packet sniffer

Question 9

Interface Monitor

Answer 9

Tracks the bandwidth and utilization of devices.

Question 10

Performance Monitor

Answer 10

Tracks the performance of some aspect of a system over time.

Question 11

Performance Monitor for Windows

Answer 11

PerfMon

Question 12

Performance Monitor for Linux

Answer 12

syslog

Question 13

Baseline

Answer 13

A log that gives you a picture of your network when it’s working correctly

Question 14

Cycling

Answer 14

As a new record appears in a full file, the oldest record is deleted

Question 15

SIEM

Answer 15

Security Information and Event Management