NETW208 Week 7 Quiz

Overview

This quiz covers essential concepts in network management, focusing on Syslog, SNMP (Simple Network Management Protocol), and NetFlow. These tools are critical for monitoring and managing network performance, ensuring that any issues can be quickly identified and addressed. The quiz tests knowledge on the configuration and operation of these tools, as well as the commands used to manage them on routers and other network devices.

Question 1: Syslog Port

Syslog uses UDP port 514 to send event notification messages across IP networks.

• Explanation: Syslog is a protocol used to send system log or event messages to a specific server, known as a Syslog server. It is widely used for monitoring and troubleshooting network devices. Syslog operates over UDP port 514, allowing for the efficient transmission of log messages without the overhead of establishing a TCP connection.

Question 2: Syslog Severity Levels

A Syslog Warning message has a severity level of 4.

• Explanation: Syslog messages are categorized into different severity levels, ranging from 0 (Emergency) to 7 (Debug). A severity level of 4 corresponds to a Warning message, indicating a potential issue that should be investigated but does not immediately affect network operations.

Question 3: Configuring Syslog Messages

To control the type of messages that will be sent to a Syslog server, the command to use when configuring Syslog for the type of messages to log is None of the Above.

• Explanation: The correct command to control the type of Syslog messages sent to a server is logging trap level, where “level” specifies the severity level of messages to be logged. This command allows administrators to filter messages based on their importance, ensuring that only relevant logs are recorded.

Question 4: SNMP Manager Requests

There are two primary SNMP manager requests: get and set.

• Explanation: SNMP (Simple Network Management Protocol) is used for collecting and organizing information about managed devices on IP networks. The get request retrieves information from a network device, while the set request is used to modify the configuration of a device.

Question 5: SNMP Information Base

The part of SNMP that is referred to as a Virtual Device Store and organizes variables associated with devices and buffers in a hierarchical order is called the Management Information Base (MIB).

• Explanation: The MIB is a database used by SNMP to manage the entities in a computer network. It organizes variables that are accessible via SNMP in a hierarchical structure, allowing for efficient monitoring and control of network devices.

Question 6: Optional SNMP Command

The optional command that can be entered on a router when configuring SNMP to document the area where the device is located is snmp-server location text.

• Explanation: The snmp-server location command is used to specify the physical location of a device. This information is useful for network administrators when managing large networks with devices spread across multiple locations.

Question 7: NetFlow Development

Historically, NetFlow was developed because networking professionals needed a simple and efficient method for tracking TCP/IP traffic.

• Explanation: NetFlow is a network protocol developed by Cisco for collecting IP traffic information. It provides detailed traffic analysis, allowing administrators to monitor the flow of data across the network, identify usage patterns, and troubleshoot network performance issues.

Question 8: NetFlow Capture Command

The command used to capture outgoing NetFlow data for monitoring on an interface is ip flow egress.

• Explanation: NetFlow can monitor both ingress (incoming) and egress (outgoing) traffic on an interface. The ip flow egress command is used to enable the capture of outgoing traffic data, which is then sent to a NetFlow collector for analysis.

Question 9: NetFlow Summary Command

The command that can be used on a router to display a summary of NetFlow accounting statistics and which protocols used the highest volume of traffic is show ip cache flow.

• Explanation: The show ip cache flow command provides a summary of NetFlow data, including information about the most active traffic flows and the protocols generating the most traffic. This command is useful for identifying network congestion points and optimizing traffic management.

Question 10: NetFlow Export Version

When enabling NetFlow, the command to use on a router that indicates the version to follow when formatting the NetFlow records is ip flow-export version #.

• Explanation: NetFlow records can be exported in different formats, depending on the version specified. The ip flow-export version command allows administrators to define the version of the NetFlow export format, ensuring compatibility with the NetFlow collector being used.