CompTIA Network+ N10-008 CH20 - Course Quiz
This flashcard set from CompTIA Network+ N10-008 Chapter 20 highlights packet sniffers and their function. It explains that these tools capture network traffic and save the data in a capture file for analysis and troubleshooting.
Key Terms
A packet sniffer is a program that queries a network interface and collects packets in a file called a ______________ file?
- capture
- log
- flow cache
- syslog

Answer: capture

In NetFlow, flows are stored in a _____________?
- log
- flow cache
- packet
- frame

Answer: flow cache

An agent can solicit information from an NMS with the ____________ protocol data unit (PDU)?
- set
- get
- response
- trap

Answer: trap

It is a good idea to give root access to critical log files for performance reasons?
- True
- False

Answer: False

The SNMP Manager requests and processes information from the ____________ devices?
- opened
- closed
- managed
- privileged

Answer: managed

Which underlying protocol enables network monitoring tools to work?
- TCP
- SNMP
- UDP
- SMTP

Answer: SNMP (Simple Network Management Protocol)
| Term | Definition |
|---|---|
| A packet sniffer is a program that queries a network interface and collects packets in a file called a ____ file? | capture |
| In NetFlow, flows are stored in a ____? | flow cache |
| An agent can solicit information from an NMS with the ____ protocol data unit (PDU)? | trap |
| It is a good idea to give root access to critical log files for performance reasons? | False |
| The SNMP Manager requests and processes information from the ____ devices? | managed |
| Which underlying protocol enables network monitoring tools to work? | SNMP (Simple Network Management Protocol) |
| A single flow in NetFlow is a sequence of packets from one specific place to another? | True |
| Which program is an example of a powerful and open source protocol analyzer? | Wireshark |
| On which port does NMS receive/listen? | 162 (Network Management System) |
| Which tool was developed for packet flow monitoring and was subsequently included in Cisco Routers and Switches? | NetFlow |
| Interface monitors track the quality and utilization of traffic through a physical ____ or ports on a single device? | port |
| In the case of a Switch, it is typical for packet sniffers to connect to an interface using a ____ port? | mirrored |
| Which one function is sent when an SNMP Manager wants to query an agent? | Get |
| Which term does Performance Monitor use when referring to the monitored aspect of the System? | counters |
| The current version of SNMP is SNMPv3? | True |
| Which tool is used to create a baseline on Windows Systems? | Performance Monitor |
| What User Datagram Protocol (UDP) ports does SNMP use for unsecure communication? | 161 and 162 |
| Which program is an example of a graphing tool that could be used to show everything about specific switches? | Cacti |
| An SNMP System has up to ____ core functions (depending on the version of SNMP)? | eight |
| Performance Monitors use system ____ files to track performance over time? | log |
| Which core function is sent by the agent after the SNMP manager queries an agent with a GetRequest or GetNextRequest? | Response |
| Which sensors monitor environmental factors, such as external temperatures, humidity levels in the server room, issues with electrical load, and more? | environmental |
| All operating systems come with some form of baseline tools? | True |
| NetFlow is another name for SNMP? | False |
| Which interface statistic value increases when packets are received that are shorter than Ethernet's minimum size of 64 bytes? | runts |
| An NMS can tell an agent to make changes to the information it queries and sends, called variables, through a ____ protocol data unit (PDU)? | Set |
| Managed devices run software called ____? | agents |
| In NetFlow, a single flow is a sequence of ____ from one specific place to another? | packets |
| If you want to know how hard your network is working, use a ____? | interface monitor |
| A ____ is a centralized location for technicians and administrators, used to manage all aspects of the Network? | Network Operations Center (NOC) |
| On an SNMP managed network, a ____ program could create graphs and diagrams that display any set of the data received? | graphing |
| SNMP adds security using ____? | Transport Layer Security (TLS) |
| In packet flow monitoring, a single ____ is a sequence of packets from one specific place to another? | flow |
| With interface monitoring, ____ references how much of the port's total bandwidth is being used? | utilization |
| ____ track the bandwidth and utilization of one or more interfaces on one or more devices? | Interface Monitor |
| The most common macOS and Linux Performance Monitor tool is called ____? | Syslog |
| A ____ tracks the performance of some aspect of a system over time and lets you know when things aren't normal? | Performance Monitor |
| ____ are the computers within a Network that are receiving the most data? | Top Listeners |
| SNMP uses ____ to categorize the data that can be queried (and subsequently analyzed)? | Management Information Bases (MIB) |
| The ____ is the de facto network management protocol for TCP/IP Networks? | Simple Network Management Protocol (SNMP) |
| The ____ utility can quickly query any SNMP device directly from a computer's terminal? | snmpwalk |
| The common term for each of the SNMP System core functions is ____? | Protocol Data Unit (PDU) |
| Describe the ports SNMP uses for unsecure and secure communications? | SNMP Managers use UDP Ports 162 or 10162 with Transport Layer Security (TLS). SNMP Agents use Ports 161 or 10161 with Transport Layer Security (TLS). |
| List the four major types of monitoring tools? | Packet (Sniffers) |
| Describe a baseline and explain how a baseline can point to problems on a Server or the Network? | A Baseline is a log of normal operational performance to give you a picture of your network and servers when they are working correctly. |
| How should an administrator enable NetFlow in order to use it? | NetFlow is enabled on the device; if the device doesn't support NetFlow, you can use stand-alone probes that can monitor maintenance ports on the unsupported device and send the information to the NetFlow collector. |
| Identify three components in a Managed Network? | Managed (Devices) |
| Describe the two most common performance monitor tools? | Windows Performance Monitor (perfmon.exe); Syslog (found in macOS and Linux) |
| What are SNMP Alerts and how are they disseminated? | Alerts, Notifications - they are sent directly to techs - via SMS text messaging and email alerts - when their intervention is required. |
| Describe the key component that enables performance monitors to track performance over time? | Logs - They store information about the performance of some particular aspect of a system. |
| Briefly list the versions of SNMP? | SNMPv1 |
| Explain the purpose of applications like Cacti? | They enable you to see very quickly essential facts about your Network Hardware. |
| Briefly describe a packet sniffer? | It's a program that queries a Network interface and collects packets in a file called a capture file. Might sit on a single computer or perhaps on a Router or a dedicated piece of hardware. |
| Explain why access to active logs must be carefully controlled and explain how this can be accomplished? | Because logs often contain private or sensitive data. |
| Identify additional terms for utilities that analyze packets? | Packet (Sniffer) |