Implement secure network management & reporting
Questions derived from the 642-552 – Securing Cisco Network Devices Exam Cisco Self-Test Software Practice Test.
Objective: Implement secure network management and reporting
SubObjective: Describe SNMPv3 and NTPv3
Item Number: 642-5126.96.36.199
Multiple Answer, Multiple Choice
Which of the following indicate the security vulnerabilities of Simple Network Management Protocol (SNMP) Version 1? (Choose two.)
- It uses DES encryption.
- It uses clear-text community strings.
- It is prone to TCP SYN attacks.
- It broadcasts management packets.
- Clear text strings are repeatedly sent over network.
B. It uses clear-text community strings.
E. Clear text strings are repeatedly sent over network.
SNMP Version 1 has the following security vulnerabilities:
- Uses clear-text community strings.
- As part of periodic polling, SNMP sends the community strings repeatedly over the network.
Data Encryption Standard (DES) is a security feature introduced in SNMP Version 3. It is an encryption standard which ensures confidentiality of SNMP data.
SNMP uses User Datagram Protocol (UDP) at the transport layer and is not prone to TCP specific attacks like TCP SYN attack. TCP SYN attack exploits basic weaknesses found in TCP/IP protocol. The attack occurs when the attacker sends thousands of SYN packets to the victim, forcing them to wait for replies that never come.
You use the snmp-server command to configure the IP address of the host machine running Network Management System (NMS). All SNMP trap messages are logged at NMS and are sent through unicast packets.