nerdexam
EC-Council

312-50V9 · Question #525

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hos

The correct answer is B. It uses community string that is transmitted in clear text. D. It is used by all network devices on the market.. SNMP exposes network information because community strings are sent as cleartext and the protocol is implemented on virtually every network device, creating a wide-surface reconnaissance tool.

Enumeration

Question

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts. Which of the following features makes this possible? (Choose two)

Options

  • AIt used TCP as the underlying protocol.
  • BIt uses community string that is transmitted in clear text.
  • CIt is susceptible to sniffing.
  • DIt is used by all network devices on the market.

How the community answered

(20 responses)
  • A
    5% (1)
  • B
    85% (17)
  • C
    10% (2)

Why each option

SNMP exposes network information because community strings are sent as cleartext and the protocol is implemented on virtually every network device, creating a wide-surface reconnaissance tool.

AIt used TCP as the underlying protocol.

SNMP uses UDP (port 161) as its transport protocol, not TCP, making this statement factually incorrect.

BIt uses community string that is transmitted in clear text.Correct

SNMP v1 and v2c transmit community strings (which act as passwords) in plaintext over the network, allowing any attacker with packet-capture access to harvest credentials and then freely query devices for configuration and performance data.

CIt is susceptible to sniffing.

Susceptibility to sniffing is a consequence of the cleartext community strings described in choice B, not an independent protocol feature that separately enables hacking.

DIt is used by all network devices on the market.Correct

SNMP is implemented by virtually all network device vendors including routers, switches, printers, and servers, meaning an attacker who obtains a community string can gather detailed information from a vast range of devices across any network.

Concept tested: SNMP security weaknesses enabling network reconnaissance

Source: https://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/7282-12.html

Topics

#SNMP#community strings#clear text protocol#network enumeration

Community Discussion

No community discussion yet for this question.

Full 312-50V9 Practice