4.4 Given a scenario, use the appropriate network monitoring resource to analyze traffic.
Application log: The application log contains events logged by applications or programs. For example, a database program might record a file error in the application log. The developer decides which events to record.
System log: The system log contains events logged by the Windows 2000 system components. For example, the failure of a driver or other system component to load during startup is recorded in the system log. The event types logged by system components are predetermined.
Security log: The security log can record security events such as valid and invalid logon attempts, as well as events related to resource use, such as creating, opening, or deleting files. An administrator can specify what events are recorded in the security log. For example, if you have enabled logon auditing, attempts to log on to the system are recorded in the security log.
Antivirus log: An antivirus log analyzer can process log files from various antivirus packages and generate dynamic statistics from them, analyzing and reporting events.
Protocol Analyzer and Packet Analyzer (Sniffer): These are loaded on a computer and are controlled by the user in a GUI environment; they capture packets, enabling the user to analyze them and view their contents. Example: Network Monitor.
Network Sniffer: These are third-party equipment that perform network tests such as load, connectivity, and throughput. They include both hardware and software and provide results used to improve the network.
SNMP (Simple Network Management Protocol): It enables monitoring of remote systems. SNMP has three main parts: a manager, an agent, and a database of management information. The manager provides the interface between the human network manager and the management system. The agent provides the interface between the manager and the physical device(s) being managed. The manager and agent use a Management Information Base (MIB) and a set of commands to exchange information.
4.5 Describe the purpose of configuration management documentation.
Wire schemes: A network requires a lot of wiring, depending on its complexity. Most wiring is hidden in walls and ceilings, so documentation of the wiring should be kept up to date. It should include where wires are placed and what wires are used. This documentation will help in troubleshooting.
Network Maps: Network maps of both physical and logical topologies should be documented. Physical topology documentation will include the location of network devices, ports used, etc., and logical topology documentation will contain VLAN networks.
Well-functioning networks are characterized by documented
Acceptable use: This policy restricts how a computer network and other devices and systems will be used. It states what users can and cannot do with the technology infrastructure of an organization. It is signed by employees before they begin working on any systems. This protects the organization from employees misusing the systems or network. The policy may put limits on personal use of resources and on resource access time.
Security policy: A company's security policy outlines the security measures to be taken. Implementing the security policy is the first thing that needs to be done.
Procedures: These describe how tasks are performed, for example that the admin is supposed to take backups, how often backups are to be taken, and where to store them.
Configurations: Both software and hardware configuration should be documented.
Regulations: All the restrictions, with their legal consequences, are documented.
Cable management: Proper documentation of the network's cable infrastructure should be maintained. This will help in troubleshooting. It may include a diagram of the network's conduit system, the location of punch down blocks, etc.
Asset Management: It is a procedure to track network components and manage their lifecycle. It includes the following steps:
Baseline: It is used to measure network performance by setting a baseline for comparison.
Copyright © Anand Software and Training Private Limited.