nerdexam
Exams400-007Questions#151
Cisco

400-007 · Question #151

400-007 Question #151: Real Exam Question with Answer & Explanation

The correct answer is A: SNMPv3. For a healthcare environment requiring SNMP traps over an MPLS Layer 3 VPN, SNMPv3 must be enabled because it is the only SNMP version that provides the authentication and encryption required for regulated industries.

Question

A healthcare customer requested that SNMP traps must be sent over the MPLS Layer 3 VPN service. Which protocol must be enabled?

Options

  • ASNMPv3
  • BSyslog
  • CSyslog TLS
  • DSNMPv2
  • ESSH

Explanation

For a healthcare environment requiring SNMP traps over an MPLS Layer 3 VPN, SNMPv3 must be enabled because it is the only SNMP version that provides the authentication and encryption required for regulated industries.

Common mistakes.

  • B. Syslog is a log-forwarding protocol used for system event messages and is entirely unrelated to SNMP trap transmission.
  • C. Syslog over TLS secures syslog messages in transit but has no involvement in the transmission or security of SNMP traps.
  • D. SNMPv2c authenticates only via plaintext community strings with no support for encryption, making it insufficient for a healthcare environment that requires secure SNMP trap transport.
  • E. SSH provides encrypted remote command-line access to devices but is not a protocol used for transmitting SNMP traps.

Concept tested. SNMPv3 security features for regulated industry environments

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/xe-16/snmp-xe-16-book/nm-snmp-cfg-snmp-support.html

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 400-007 Practice