312-50V13 · Question #251
Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He decides to setup a SPAN port and capture all traffic to the datacenter. He immediately disco
The correct answer is B. SNMP and he should change it to SNMP V3. Explanation Option B is correct because UDP port 161 is the well-known port for SNMP (Simple Network Management Protocol), and SNMPv1/v2c transmit data - including community strings (essentially passwords) - in plaintext. SNMPv3 introduced authentication and encryption (using pro
Question
Options
- Ait is not necessary to perform any actions, as SNMP is not carrying important information.
- BSNMP and he should change it to SNMP V3
- CRPC and the best practice is to disable RPC completely
- DSNMP and he should change it to SNMP v2, which is encrypted
How the community answered
(36 responses)- A8% (3)
- B83% (30)
- C3% (1)
- D6% (2)
Explanation
Explanation
Option B is correct because UDP port 161 is the well-known port for SNMP (Simple Network Management Protocol), and SNMPv1/v2c transmit data - including community strings (essentially passwords) - in plaintext. SNMPv3 introduced authentication and encryption (using protocols like AES and SHA), making it the only version that satisfies the requirement to eliminate unencrypted traffic.
Why the distractors are wrong:
- Option A is incorrect because SNMP community strings and network device information (topology, configurations, uptime) are highly sensitive and absolutely worth protecting from interception.
- Option C is incorrect because UDP 161 is not used by RPC (Remote Procedure Call); RPC typically uses TCP/UDP port 135.
- Option D is incorrect because SNMPv2c, while offering some improvements over v1, still transmits data in plaintext - it does not provide encryption.
Memory Tip
Think "v3 = Victory over plaintext" - only SNMPv3 adds the security trio of Authentication, Encryption, and Message Integrity. A quick port association to remember: 161 = SNMP (think "1-6-1, SNMP done").
Topics
Community Discussion
No community discussion yet for this question.