7.3 Configure and verify device management 7.3.a Backup and restore device configuration 7.3.b Using Cisco Discovery Protocol or LLDP for device discovery 7.3.c Licensing 7.3.d Logging 7.3.e Timezone 7.3.f Loopback
Overview: The ICMP Echo operation measures end-to-end response time between a Cisco router and any devices using IP Study Notes: The ICMP Echo operation measures end-to-end response time between a Cisco router and a device using IP ICMP Echo is useful for troubleshooting network connectivity issues An IP SLA (Service Level Agreement) is configured […]
Overview: Syslog is a way for network devices to send event messages to a logging server, usually known as a Syslog server. Study Notes: Syslog – System Message Logging Syslog uses port 514 Controls the distribution of logging messages to various destinations based on the configuraiton Logging buffer Terminal lines Syslog server When disabled, […]
Overview: SNMPv3 contains significant changes to SNMPv2 including options for message integrity, authentication and encryption Study Notes: SNMPv3 does not use community-strings SNMPv3 provides message integrity, authentication, encryption Security model (Auth) is an authentication strategy for groups and users within those groups Security level (Priv) is the permitted level of security within a security […]
Overview: SNMPv2 improves upon the limitations in SNMPv1 Study Notes: SNMPv2 improves upon SNMPv1 (SNMPv1 was criticized for poor security) SNMPv2 includes these improvements Performance – GetBulkRequest in addition to the iterative GetNextRequest Security – party-based security system (obsoleted later due to complexity) Confidentiality Manager-to-manager communications SNMPv2 still uses the less secure community-string The […]
Overview: SNMP is a layer 7 application layer protocol consisting of an SNMP manager, an SNMP agent and MIBs. Syslog is a way for network devices to send event messages to a logging server, usually known as a Syslog server. Study Notes: The SNMP manager can be a standalone server or part of a […]
Overview: A device can be secured by using AAA with TACACS+, RADIUS or a combination of both. The use of TACACS+ and/or RADIUS allows a client to be authenticated against a remote server versus local authentication on the device. Study Notes: AAA AAA Authentication, Authorization, Accounting Access control is the way you control who […]
Overview: Basic device hardening consists of setting user authentication passwords, enable passwords, restricting access to the device through telnet/SSH and displaying login banners. Study Notes: Device hardening helps to restrict access to different command modes on routers and switches Command Mode Access Method Prompt Exit Method User EXEC Log in Router> Use the logout […]
Overview: The Cisco Application Policy Infrastructure Controller – Enterprise Module (APIC-EM) is Cisco’s Software Defined Networking (SDN) Controller for Enterprise Networks (Access, Campus, WAN and Wireless). Study Notes: Performing an ACL-Based Path Trace You can perform a path trace between two nodes in your network. The two nodes may be two hosts and/or Layer […]
Overview: Access-lists are used to permit and deny different traffic based on the filtering criteria specified in the list Study Notes: Access-lists are evaluated top down from first entry to last entry Once the traffic matches an entry in the list an action is taken – permit or deny Therefore, put more specific entries […]