Question No. 1
What updates have been brought by snmpv2 to SNMPv1 communication architecture? [2 marks]
Question No. 2
How SNMPv3 enhances security compared to SNMPv2? [2 marks]
Question No. 3
Define RMON [1 mark]
What are the benefits of RMON ? [1 mark]
Question No. 4
As a network manager, you are responsible for the operation of a network. You notice heavy
traffic in a host that is on a TCP/IP network and want to find out the details:
What basic network monitoring tool(s) would you use? [1 mark]
What would you look for in your results? [1 mark]
Question No. 5
What is the difference between nslookup & dig? [1 marks]
Question No. 5
Install wireshark and capture IP packets on your Ethernet interface.
Put a screenshot of IP packets captured on your device. [1 marks]
Analyze their headers and contents. [2 marks] (1 mark bonus for
Solution
Answer 1.
SNMPv1 (Simple Network Management Protocol) v1 was designed as a short term solution to
allow management of TCP/IP - based internets. Although it was simple there were some major
issues in SNMPv1, viz Expressiveness of MIB definitions, performance and security issues.
Some key differences brought in SNMPv2 are:
Answer 2:
The newer version of SNMP, i.e. SNMPv3 was released to cover some of the security issues that
plagued SNMPv2. SNMPv3 framework augments the original SNMP and SNMPv2
specifications with additional security and administration capabilities. Security and remote
configuration capabilities were added in the newer version. The SNMPv3 architecture introduces
the User-based Security Model (USM) for message security and View-based Access Control
Model(VACM) for access control. The architecture supports the concurrent use of different
security, access control and message processing protocols. SNMPv2 also introduces the ability to
dynamically
configure the SNMP agent using SNMP SET commands against the MIB objects that represent
the agent\'s configuration. The dynamic configuration support enables addition, deletion and
modification of configuration entries locally or remotely. The latest architecture incorporates an
SNMP context engine ID to encode and decode SNMP contexts.
In short, SNMPv3 provides three layers of security. The highest level is with authentication and
privacy. The second or middle level is with authentication and no privacy and the bottom level is
without authentication and privacy.
Answer 3:
Remote Monitoring (RMON) is a standard specification that facilitates the monitoring ,
analyzing and troubleshooting of network operational activities through the use of remote
devices known as monitors or probes.
RMON provides the benefits of standarazation and improves efficiency by allowing you to
remain at one workstation and collect information from widely dispersed LAN segments or
VLANs. RMON also allows proactive management and reduces the traffic load.
Answer 4:
Microsoft network monitor and CapsaFree are a few of the basic tools one can use for in this
case. Main features of MNM i.
Question No. 1What updates have been brought by snmpv2 to SNMPv1 c.pdf
1. Question No. 1
What updates have been brought by snmpv2 to SNMPv1 communication architecture? [2 marks]
Question No. 2
How SNMPv3 enhances security compared to SNMPv2? [2 marks]
Question No. 3
Define RMON [1 mark]
What are the benefits of RMON ? [1 mark]
Question No. 4
As a network manager, you are responsible for the operation of a network. You notice heavy
traffic in a host that is on a TCP/IP network and want to find out the details:
What basic network monitoring tool(s) would you use? [1 mark]
What would you look for in your results? [1 mark]
Question No. 5
What is the difference between nslookup & dig? [1 marks]
Question No. 5
Install wireshark and capture IP packets on your Ethernet interface.
Put a screenshot of IP packets captured on your device. [1 marks]
Analyze their headers and contents. [2 marks] (1 mark bonus for
Solution
Answer 1.
SNMPv1 (Simple Network Management Protocol) v1 was designed as a short term solution to
allow management of TCP/IP - based internets. Although it was simple there were some major
issues in SNMPv1, viz Expressiveness of MIB definitions, performance and security issues.
Some key differences brought in SNMPv2 are:
Answer 2:
The newer version of SNMP, i.e. SNMPv3 was released to cover some of the security issues that
plagued SNMPv2. SNMPv3 framework augments the original SNMP and SNMPv2
specifications with additional security and administration capabilities. Security and remote
configuration capabilities were added in the newer version. The SNMPv3 architecture introduces
the User-based Security Model (USM) for message security and View-based Access Control
Model(VACM) for access control. The architecture supports the concurrent use of different
security, access control and message processing protocols. SNMPv2 also introduces the ability to
2. dynamically
configure the SNMP agent using SNMP SET commands against the MIB objects that represent
the agent's configuration. The dynamic configuration support enables addition, deletion and
modification of configuration entries locally or remotely. The latest architecture incorporates an
SNMP context engine ID to encode and decode SNMP contexts.
In short, SNMPv3 provides three layers of security. The highest level is with authentication and
privacy. The second or middle level is with authentication and no privacy and the bottom level is
without authentication and privacy.
Answer 3:
Remote Monitoring (RMON) is a standard specification that facilitates the monitoring ,
analyzing and troubleshooting of network operational activities through the use of remote
devices known as monitors or probes.
RMON provides the benefits of standarazation and improves efficiency by allowing you to
remain at one workstation and collect information from widely dispersed LAN segments or
VLANs. RMON also allows proactive management and reduces the traffic load.
Answer 4:
Microsoft network monitor and CapsaFree are a few of the basic tools one can use for in this
case. Main features of MNM include support for over 300 public and Microsoft proprietary
protocols, simultaneous capture sessions, a Wireless Monitor Mode and sniffing of promiscuous
mode traffic, amongst others.
Answer 5:
Basic difference between nslookup and dig is that dig uses the OS resolver libraries and
nslookup uses is own internal ones.
Dig provides more detail, more advanced domain info. while nslookup provides basic info. for
name queries. The more information the better.