Last Updated on November 10, 2022 by InfraExam
CCNA 4 Chapter 8
What are the most common syslog messages?
- those that occur when a packet matches a parameter condition in an access control list
- link up and link down messages
- output messages that are generated from debug output
- error messages about hardware or software malfunctions
When logging is used, which severity level indicates that a device is unusable?
- Alert – Level 1
- Critical – Level 2
- Emergency – Level 0
- Error – Level 3
Refer to the exhibit. Which two conclusions can be drawn from the syslog message that was generated by the router? (Choose two.)
- This message resulted from an unusual error requiring reconfiguration of the interface.
- This message indicates that the interface should be replaced.
- This message is a level 5 notification message.
- This message indicates that service timestamps have been configured.
- This message indicates that the interface changed state five times.
A network technician has issued the service timestamps log datetime command in the configuration of the branch router. Which additional command is required to include the date and time in logged events?
- Branch1(config)# service timestamps log uptime
- Branch1# clock set 08:00:00 05 AUG 2013
- Branch1(config)# service timestamps debug datetime
- Branch1# copy running-config startup-config
Refer to the exhibit. From what location have the syslog messages been retrieved?
- syslog server
- syslog client
- router RAM
- router NVRAM
Refer to the exhibit. What does the number 17:46:26.143 represent?
- the time passed since the syslog server has been started
- the time when the syslog message was issued
- the time passed since the interfaces have been up
- the time on the router when the show logging command was issued
Which destination do Cisco routers and switches use by default when sending syslog messages for all severity levels?
- nearest syslog server
A network administrator has issued the logging trap 4 global configuration mode command. What is the result of this command?
- After four events, the syslog client will send an event message to the syslog server.
- The syslog client will send to the syslog server any event message that has a severity level of 4 and higher.
- The syslog client will send to the syslog server any event message that has a severity level of 4 and lower.
- The syslog client will send to the syslog server event messages with an identification trap level of only 4.
Which statement describes SNMP operation?
- An NMS periodically polls the SNMP agents that are residing on managed devices by using traps to query the devices for data.
- A get request is used by the SNMP agent to query the device for data.
- An SNMP agent that resides on a managed device collects information about the device and stores that information remotely in the MIB that is located on the NMS.
- A set request is used by the NMS to change configuration variables in the agent device.
What are SNMP trap messages?
- messages that are used by the NMS to query the device for data
- unsolicited messages that are sent by the SNMP agent and alert the NMS to a condition on the network
- messages that are used by the NMS to change configuration variables in the agent device
- messages that are sent periodically by the NMS to the SNMP agents that reside on managed devices to query the device for data
Which SNMP feature provides a solution to the main disadvantage of SNMP polling?
- SNMP set messages
- SNMP trap messages
- SNMP get messages
- SNMP community strings
When SNMPv1 or SNMPv2 is being used, which feature provides secure access to MIB objects?
- packet encryption
- message integrity
- community strings
- source validation
A network administrator has issued the snmp-server user admin1 admin v3 encrypted auth md5 abc789 priv des 256 key99 command. What are two features of this command? (Choose two.)
- It adds a new user to the SNMP group.
- It restricts SNMP access to defined SNMP managers.
- It forces the network manager to log into the agent to retrieve the SNMP messages.
- It uses the MD5 authentication of the SNMP messages.
- It allows a network administrator to configure a secret encrypted password on the SNMP server.
How can SNMP access be restricted to a specific SNMP manager?
- Use the snmp-server community command to configure the community string with no access level.
- Specify the IP address of the SNMP manager by using the snmp-server host command.
- Use the snmp-server traps command to enable traps on an SNMP manager.
- Define an ACL and reference it by using the snmp-server community command.
A network administrator issues two commands on a router:
R1(config)# snmp-server host 10.10.50.25 version 2c campus
R1(config)# snmp-server enable traps
What can be concluded after the commands are entered?
- No traps are sent, because the notification-types argument was not specified yet.
- Traps are sent with the source IP address as 10.10.50.25.
- If an interface comes up, a trap is sent to the server.
- The snmp-server enable traps command needs to be used repeatedly if a particular subset of trap types is desired.
Refer to the exhibit. What can be concluded from the produced output?
- An ACL was configured to restrict SNMP access to an SNMP manager.
- This is the output of the show snmp command without any parameters.
- The system contact was not configured with the snmp-server contact command.
- The location of the device was not configured with the snmp-server location command.
What is a difference between SNMP and NetFlow?
- Unlike NetFlow, SNMP uses a “push”-based model.
- NetFlow collects more detailed traffic statistics on IP networks than SNMP does.
- SNMP only gathers traffic statistics, whereas NetFlow can also collect many other performance indicators, such as interface errors and CPU usage.
- Unlike NetFlow, SNMP may be used to provide IP accounting for billing purposes.
How does NetFlow function on a Cisco router or multilayer switch?
- Netflow captures and analyzes traffic.
- One user connection to an application exists as two NetFlow flows.
- On 2960 switches, Netlow allows for data export.
- NetFlow does not consume any additional memory.
Which type of information can an administrator obtain with the show ip cache flow command?
- the NetFlow version that is enabled
- whether NetFlow is configured on the correct interface and in the correct direction
- the configuration of the export parameters
- the protocol that uses the largest volume of traffic
Which two statements describe items to be considered in configuring NetFlow? (Choose two.)
- Netflow requires both management and agent software.
- Netflow requires UDP port 514 for notification messages.
- NetFlow consumes additional memory.
- Netflow can only be used in a unidirectional flow.
- NetFlow can only be used if all devices on the network support it.
What is the most common purpose of implementing NetFlow in a networked environment?
- to support accounting and monitoring with consumer applications
- to actively capture traffic from networked devices
- to monitor live data usage and to control traffic flow with set messages
- to passively capture changing events that occur in the network and to perform after-the-fact-analysis
Refer to the exhibit. While planning an upgrade, a network administrator uses the Cisco NetFlow utility to analyze data flow in the current network. Which protocol used the greatest amount of network time?
Fill in the blank.
The syslog protocol uses UDP port 514 and is the most common method to access system messages provided by networking devices.