Network Security FAQ: Logging and Auditing
Q1. List the various destinations to which the logging process can send logging messages.
Answer: The logging process can send logging messages to the following destinations:
- Logging buffer
- Terminal lines
- SYSLOG server
- Console port
Q2. What is SYSLOG?
Q3. Information at different warning levels is sent to a SYSLOG server. List the different warning levels.
Q4. SNMP works on which layer of the OSI model?
a. Network layer
b. Session layer
c. Application layer
d. Datalink layer
Q5: Explain the difference between traps and informs when talking about SNMP notifications.
Q6. When creating an access control for an SNMP community, which optional parameters can be configured to make it more secure?
Answer: The following optional parameters can be configured to make an access control for an SNMP community more secure:
- An access list of the SNMP managers that are permitted to use the community string to gain access
- A MIB view, which defines the subset of all MIB objects accessible to the given community
- Read and write or read-only access
Q7. What is the show snmp user command used for?
Q8. What is RMON, and when is it used?
Q9. What can be measured using SAA?
Answer: SAA measures the following:
- Network delay or latency
- Packet loss
- Network delay variation (jitter)
- Availability
- One-way latency
- Website download time
- Network statistics
Q10. What command is used to start SAA operation 3 immediately and to set the duration of that operation for 30 seconds?
RouterB(config)#rtr schedule 3 start-time now life 30