C480 Chapter 11

verickle's version from 2016-10-26 20:44

Maintenance Tools

Question Answer
bit error rate (BER)BER = Bit errors / Bits transmitted
bit-error rate tester (BERT)used for troubleshooting a link where you suspect a high BER. contains both a pattern generator (which can generate a variety of bit patterns) and an error detector (which is synchronized with the pattern generator and can determine the number of bit errors), and it can calculate a BER for the tested transmission link.
Butt Set a piece of test equipment typically used by telephone technicians. The clips on the butt set can connect a punch-down block (for example, a 66 block or a 110 block) connecting to a telephone. This allows the technician to check a line (for example, to determine whether a dial tone is present on the line or to determine whether a call can be placed from the line).
Cable CertifierIf you are working with existing cable and want to determine its category, or if you simply want to test the supported frequency range (and therefore data throughput) of a cable, you can use a _____.
Cable Testercan test the conductors in an Ethernet cable for continuity
Crimpercan be used to attach a connector (for example, an RJ-45 connector) to the end of a UTP cable
Electrostatic Discharge Wrist Strapif you have any static buildup in your body, the static flows to the object with a ground potential, to which your strap is clipped, thus avoiding damage to any electrical components you might touch
Environmental Monitorsend an alert if the temperature in a room rises above or drops below administratively configured thresholds
Rack SecurityUnauthorized access to patch panels and cables can be restricted using patch panel protector and cable tracks.
Loopback Plugtakes the transmit pins on an Ethernet connector and connects them to the receive pins, such that everything that is transmitted is received back on the interface
Protocol Analyzercapture traffic flowing through a network switch, using the port mirroring feature of a switch
Looking-Glass Sitesallows users to connect to view the routing information from that server's perspective. These are normally related to Border Gateway Protocol (BGP) routes.
System and Network Integrated Polling Software (SNIPS)offers both web and command-line interfaces for monitoring network and system devices. Systems administrator can use the terminal or web interface to view reports in real time. The monitoring levels supported by _____ are: info, warning, error, and critical.
Throughput Testera network appliance that typically has multiple network interfaces and can generate high volumes of pseudo-random data
time domain reflectometer (TDR)identifying exactly where the break exists in a long length of copper cable
optical time domain reflectometer (OTDR)identifying exactly where the break exists in a long length of fiber-optic cable

Configuration Management

Question Answer
Asset managementa formalized system of tracking network components and managing the lifecycle of those components
PPDIOOCisco Lifecycle Services maintenance model, which defines distinct phases in the lifecycle of a network asset
Baseliningdata under normal operating conditions
Cable managementDesigning and troubleshooting large networks requires documentation about a network's existing cable (that is, copper and fiber-optic cable) infrastructure.
Change managementsoftware used by network administrators to alert other network administrators about an upcoming network change (for example, an Internet access outage required to swap out a router)
Maintenance WindowThe amount of time a system will be down or unavailable or a period of time during which planned outages and changes to production services and systems may occur for implementing changes
Contact informationIn larger networks, where different devices fall under different administrative authorities, you need to be able to quickly reach a responsible party to respond to an event.
Policiesa set of written internal operating procedures, policies, and standards
Network maps and diagramsA collection of network maps should include both a map of a network's physical topology and a map of a network's logical topology.


Question Answer

Monitoring Resources and Reports

Question Answer
Simple Network Management Protocol (SNMP)used for collecting information from, and configuring, network devices, such as servers, printers, hubs, switches, and routers
Syslog serversreceives and stores log messages sent from syslog clients
Syslog clientssend logging information to a syslog server

Components of an SNMPv1 and SNMPv2c Network-Management Solution

Question Answer
SNMP managerruns a network management application. sometimes referred to as a network management system (NMS).
SNMP agenta piece of software that runs on a managed device (for example, a server, router, or switch).
Management Information Base (MIB)Information about a managed device's resources and activity is defined by a series of objects. The structure of these management objects is defined by a managed device's MIB. Interfaces and their details (errors, utilization, discards, packet drops, resets, speed and duplex), system memory, utilization of bandwidth, storage, CPU, memory, and many other details are able to be monitored and reported via SNMP.

SNMP message types

Question Answer
Getretrieves information from a managed device.
Setsets a variable in a managed device or triggers an action on a managed device.
Trapan unsolicited message sent from a managed device to an SNMP manager, which can notify the SNMP manager about a significant event that occurred on the managed device.

SNMP Security

Question Answer
Security modelDefines an approach for user and group authentications (for example, SNMPv1, SNMPv2c, and SNMPv3).
Security levelDefines the type of security algorithm performed on SNMP packets. The three security levels discussed here are the following:
noAuthNoPriv (no authorization, no privacy)uses community strings for authorization and does not use encryption to provide privacy.
authNoPriv (authorization, no privacy) :provides authorization using hashed message authentication code (HMAC) with message digest 5 (MD5) or Secure Hash Algorithm (SHA). However, no encryption is used.
Question Answer
authPriv (authorization, privacy)offers HMAC MD5 or SHA authentication and provides privacy through encryption. Specifically, the encryption uses the Cipher Block Chaining (CBC) Data Encryption Standard (DES) (DES-56) algorithm.
IntegrityUsing hashing algorithms, SNMPv3 ensures that an SNMP message was not modified in transit.
AuthenticationHashing allows SNMPv3 to validate the source of an SNMP message.
EncryptionUsing the CBC-DES (DES-56) encryption algorithm, SNMPv3 provides privacy for SNMP messages, making them unreadable by an attacker who might capture an SNMP packet.

Security Models and Security Levels Supported by Cisco IOS

Security ModelSecurity LevelAuthentication StrategyEncryption Type
SNMPv1noAuthNoPrivCommunity stringNone
SNMPv2 cnoAuthNoPrivCommunity stringNone
SNMPv3authNoPrivMD5 or SHANone
SNMPv3authPrivMD5 or SHACBC-DES (DES-56)

Syslog Severity Levels

0EmergenciesThe most severe error conditions, which render the system unusable
1AlertsConditions requiring immediate attention
2CriticalA less-severe condition, as compared to alerts, which should be addressed to prevent an interruption of service
3ErrorsNotifications about error conditions within the system that do not render the system unusable
4WarningsNotifications that specific operations failed to complete successfully
5NotificationsNonerror notifications that alert an administrator about state changes within a system
6InformationalDetailed information about the normal operation of a system
7DebuggingHighly detailed information (for example, information about individual packets), which is typically used for troubleshooting purposes