Exam SY0-601 topic 1 question 353 discussion

The best method for monitoring network operations is to utilize an agentless monitor. An agentless monitor is a monitoring tool that can collect data and perform monitoring functions without the need for software agents installed on every device being monitored. This allows for efficient and centralized management of network monitoring and can provide real-time visibility into network performance, security events, and other critical metrics. Enabling SNMPv3 with passwords is a step in the right direction for securing Simple Network Management Protocol (SNMP), but it is not the best method for monitoring network operations. Continuous pinging can provide basic information about network availability, but it is limited in its ability to provide comprehensive visibility into network operations. Disabling Telnet and forcing SSH can enhance the security of remote access to network devices, but it does not address the need for comprehensive network monitoring.

Ridiculous question, standard CompTIA.

If question only ask for network engineer. the best answer should be D This question involved security engineer. the best choose is C.

The BEST method for monitoring network operations among the options provided is: C. Utilize an agentless monitor. An agentless monitor is a network monitoring solution that does not require the installation of additional software agents on monitored devices. Instead, it leverages existing protocols and interfaces, such as SNMP (Simple Network Management Protocol), ICMP (Internet Control Message Protocol), and HTTP (Hypertext Transfer Protocol), to gather performance metrics and monitor network devices and services. Agentless monitoring offers several advantages, including reduced overhead on monitored devices, simplified deployment and management, and compatibility with a wide range of devices and platforms. It allows network engineers and security engineers to collect relevant data about network operations, performance, and security posture without the need for deploying and managing software agents on individual devices.

Simple Network Management Protocol version 3 (SNMPv3) monitors and manages network devices, such as routers or switches. This includes using SNMPv3 to modify the devices’ configuration or have network devices report status back to a central network management system. SNMPv3 agents installed on devices send information to an SNMP manager via notifications known as traps (sometimes called device traps).

C. Utilize an agentless monitor. Agentless monitors can also provide real-time visibility and alerting for network perfromance, availability, security, and compliance issues.

my 5c here: If the organization prioritizes ease of deployment and simplicity, an agentless monitor might be preferable but in the question this is not a requirement. On the other hand, if detailed and specific information is crucial, and the organization can manage the SNMPv3 configuration securely, SNMPv3 might offer greater visibility. As the question involves a network engineer and a SECURITY ENGINEER i would guess security would be more important that ease of deployment and simplicity

It's C With SNMP, you are limited to what is exposed by the vendor, which cannot be easily extended in most cases. In agent-based monitoring, you would be able to extend the metric collection to include all the deep metrics, and not just SNMP exposed ones.25 paź 2018

SDC939 explained it in details. I'm going with C here.

SNMPv3 is a good start, but is not a comprehensive solution. Going with C.

Let me give you a little knowledge here...I think CompTIA would be looking for the answer of D - Enable SNMPv3 With passwords. The key reasons are: It explicitly meets the question's context of discussing from a "security plus" perspective. SNMPv3 is considered best practice and provides the security property of encryption specifically called out. While agentless monitoring sounds appealing, without details it creates uncertainty, whereas SNMPv3 is a known secure protocol. D balances the need for network monitoring functionality with optimizing the security posture by ensuring encryption.

The way I see it is that agentless while reducing attack surface still uses unknown protocols that could be encrypted or for that matter could be in plain text. Now SNMPV3 may have an agent but uses authentication and encryption for communication. An agentless network monitor may be in HTTP or it could be in a secure protocol, this is not specified. If you agree give me a thumbs up.

C. Utilize an agentless monitor. Agentless monitoring involves collecting data from network devices without installing additional software agents on them. This method is efficient and has minimal impact on network performance. It also reduces the potential security risks associated with installing software agents on network devices. While options A (Disable Telnet and force SSH) and D (Enable SNMPv3 with passwords) are important security measures, they are not primarily focused on monitoring network operations. Option B (Establish a continuous ping) is a basic method for checking network connectivity but doesn't provide comprehensive insights into network operations. In summary, from a CompTIA Security+ perspective, while all aspects of security are crucial, for monitoring network operations, utilizing an agentless monitor (Option C) is the best choice among the given options.

the question states that a network engineer AND a security engineer are discussing. SNMPv3 is more secure than a generic agentless monitor.

I will go with D. It is asking for the best way, and the best way is SNMPv3, which is agent less, but provides authentication and privacy.

The BEST method for monitoring network operations among the options provided would be to enable SNMPv3 with passwords. SNMP (Simple Network Management Protocol) is a commonly used protocol for monitoring and managing network devices. SNMP allows for the collection and exchange of management information between network devices and a central monitoring system. Enabling SNMPv3 with passwords enhances the security of SNMP by providing authentication and encryption features. SNMPv3 supports secure communication through the use of usernames and passwords (authentication) and data encryption (privacy) to protect sensitive information. By enabling SNMPv3 with passwords, the network engineer and security engineer can ensure that network devices can be monitored securely and that the monitoring data remains confidential and protected from unauthorized access or tampering.

SNMP is considered to be one of the most popular agentless network monitoring. Using v3 and password also makes it very secure. Thus, there are 2 correct answers C&D. D is more specific, hence the BEST answer.