nerdexam
EC-Council

312-50V10 · Question #632

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hos

The correct answer is B. It uses community string that is transmitted in clear text. D. It is used by all network devices on the market.. SNMPv1 and SNMPv2c transmit community strings in cleartext over UDP and are deployed on virtually all network devices, making them prime targets for attacker reconnaissance.

Enumeration

Question

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts. Which of the following features makes this possible? (Choose two)

Options

  • AIt used TCP as the underlying protocol.
  • BIt uses community string that is transmitted in clear text.
  • CIt is susceptible to sniffing.
  • DIt is used by all network devices on the market.

How the community answered

(52 responses)
  • A
    4% (2)
  • B
    90% (47)
  • C
    6% (3)

Why each option

SNMPv1 and SNMPv2c transmit community strings in cleartext over UDP and are deployed on virtually all network devices, making them prime targets for attacker reconnaissance.

AIt used TCP as the underlying protocol.

SNMP uses UDP (port 161 for queries, port 162 for traps), not TCP, making this statement factually incorrect.

BIt uses community string that is transmitted in clear text.Correct

SNMPv1 and SNMPv2c use community strings (effectively plain-text passwords) transmitted without encryption, so any attacker who can intercept traffic can capture the community string and use it to query or modify device configurations.

CIt is susceptible to sniffing.

Susceptibility to sniffing is a consequence of transmitting community strings in cleartext (choice B), not an independent protocol feature - it is redundant rather than a distinct security weakness.

DIt is used by all network devices on the market.Correct

SNMP is implemented on nearly all networked devices including routers, switches, servers, and printers, meaning a single captured community string can potentially be reused across many devices to harvest extensive network information.

Concept tested: SNMP security weaknesses - cleartext community strings and broad device coverage

Source: https://www.cisa.gov/uscert/ncas/alerts/TA17-156A

Topics

#SNMP#community strings#cleartext protocol#network enumeration

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice