NSE4 · Question #168
NSE4 Question #168: Real Exam Question with Answer & Explanation
The correct answer is A: Packet encryption. A significant advantage of SNMPv3 over older versions like SNMPv1/v2c is the addition of robust security features, specifically the capability for packet encryption to ensure data confidentiality.
Question
Which of the following is an advantage of using SNMP v3 instead of SNMP v1/v2 when querying the FortiGate unit?
Options
- APacket encryption
- BMIB-based report uploads
- CSNMP access limits through access lists
- DRunning SNMP service on a non-standard port is possible
Explanation
A significant advantage of SNMPv3 over older versions like SNMPv1/v2c is the addition of robust security features, specifically the capability for packet encryption to ensure data confidentiality.
Common mistakes.
- B. MIB-based report uploads are a function of how data is collected or presented, not a specific security advantage of SNMPv3 over v1/v2; all versions use MIBs.
- C. SNMP access limits through access lists can be configured on FortiGate for all SNMP versions (v1, v2c, v3) to control which hosts can query the device, so it is not a unique advantage of v3.
- D. The ability to run SNMP service on a non-standard port is generally a device configuration option and not an exclusive feature or advantage specific to SNMPv3 compared to earlier versions.
Concept tested. SNMPv3 security features vs. SNMPv1/v2
Reference. https://docs.fortinet.com/document/fortigate/7.4.0/administration-guide/572216/snmp
Topics
Community Discussion
No community discussion yet for this question.