20+ practice questions focused on SNMP and Syslog — one of the most tested topics on the ENCOR 350-401 exam. Each question includes a detailed explanation so you learn why the right answer is correct.
Start SNMP and Syslog PracticeA network engineer configures SNMPv2c on a Cisco router to monitor CPU and memory utilization. The NMS is reachable and configured with the same community string 'public'. However, the NMS receives no traps from the router. The engineer verifies that the router's SNMP configuration includes 'snmp-server enable traps' and 'snmp-server host 192.168.1.100 version 2c public'. What is the most likely cause of the missing traps?
Explanation: The issue is that the trap destination is configured, but the router may not be sending traps due to missing trap-specific configuration or a filtering issue. The most common oversight is not enabling the specific trap types (e.g., CPU, memory) or not having the SNMP agent respond to polls. However, the correct answer focuses on the fact that 'snmp-server enable traps' without specifying trap types only enables generic traps; CPU and memory traps require explicit configuration.
An engineer is troubleshooting a syslog issue on a Cisco switch. The switch is configured with 'logging host 10.1.1.1' and 'logging trap informational'. The syslog server at 10.1.1.1 receives messages from other devices but not from this switch. The engineer can ping 10.1.1.1 from the switch. What is the most likely cause?
Explanation: The switch can reach the server, but syslog messages are not being sent. The most common cause is that the logging process is not enabled globally, or the source interface is not set, causing the server to drop messages due to source IP mismatch. However, the correct answer is that the logging facility is not configured, which is required for some syslog implementations.
A network engineer configures SNMPv3 on a Cisco router for secure monitoring. The configuration includes 'snmp-server group ADMIN v3 priv', 'snmp-server user admin ADMIN v3 auth sha cisco123 priv aes 128 cisco456', and 'snmp-server host 10.1.1.2 version 3 priv admin'. The NMS is configured with the same credentials. However, the NMS cannot poll the router. The engineer verifies that the router's SNMP agent is enabled. What is the most likely cause?
Explanation: SNMPv3 requires proper configuration of authentication and encryption. The issue is that the user is created with authentication and privacy, but the host command specifies 'priv' which is correct. However, the NMS may not be using the correct engine ID. The most common mistake is not specifying the engine ID on the NMS or having a mismatch. But in this scenario, the router's engine ID is automatically generated, and the NMS must match it. The correct answer is that the user configuration is missing the engine ID specification.
An engineer notices that syslog messages from a Cisco router are not timestamped correctly. The router is configured with 'service timestamps log datetime msec' and 'logging host 10.1.1.1'. The syslog server shows messages with the correct time but the local logs on the router show incorrect timestamps. What is the most likely cause?
Explanation: The issue is that the router's clock is not synchronized, so local timestamps are incorrect. The syslog server may be applying its own timestamp. The correct answer is that the router's system clock is not set or NTP is not configured.
A network engineer configures SNMPv2c on a Cisco switch to send traps to an NMS at 192.168.1.100 with community 'monitor'. The engineer also configures 'snmp-server enable traps snmp linkdown linkup'. The NMS receives link traps but not authentication failure traps. The engineer has not configured any access control. What is the most likely reason?
Explanation: Authentication failure traps are generated when an SNMP request is received with an invalid community string. However, by default, these traps are not enabled. The engineer must explicitly enable them with 'snmp-server enable traps snmp authentication'. The scenario shows only link traps enabled.
+15 more SNMP and Syslog questions available
Practice all SNMP and Syslog questions1. Baseline your knowledge
Start with 10 questions to gauge your current understanding of SNMP and Syslog. This tells you whether you need a concept refresher or just practice.
2. Review every explanation
For each question — right or wrong — read the full explanation. Understanding why an answer is correct is more valuable than knowing the answer itself.
3. Focus on exam traps
SNMP and Syslog questions on the 350-401 frequently use trap wording. Look for subtle differences in answers that test your precision, not just general knowledge.
4. Reach 80% consistently
Do repeated sessions until you score 80%+ three times in a row. Then move to mixed-mode practice to test cross-topic recall under realistic conditions.
The exact number varies per candidate. SNMP and Syslog is tested as part of the ENCOR 350-401 blueprint. Practicing with targeted SNMP and Syslog questions ensures you can handle any format or difficulty that appears.
Yes. Courseiva provides free 350-401 practice questions across all exam topics and domains. The platform includes topic-based practice, mock exams, missed-question review, bookmarked questions, and readiness tracking — no account required.
Difficulty is subjective, but SNMP and Syslog is a high-priority exam concept tested in multiple ways — direct recall, scenario analysis, and command-output interpretation. Consistent practice is the best way to build confidence.
Launch a full SNMP and Syslog practice session with instant scoring and detailed explanations.
Start SNMP and Syslog Practice →