PT0-001 Question #164: Real Exam Question with Answer & Explanation

The correct answer is A: SMTP. NOTE: The stated correct answer (A. SMTP) contains a clear error. 'Public' and 'private' are the well-known default community strings for SNMP (Simple Network Management Protocol) - choice C. SNMP v1 and v2c use community strings as a form of plaintext authentication: 'public' gr

Attacks and exploits

Question

A penetration tester is exploiting the use of default public and private community strings Which of the following protocols is being exploited?

Options

ASMTP
BDNS
CSNMP
DHTTP

Explanation

NOTE: The stated correct answer (A. SMTP) contains a clear error. 'Public' and 'private' are the well-known default community strings for SNMP (Simple Network Management Protocol) - choice C. SNMP v1 and v2c use community strings as a form of plaintext authentication: 'public' grants read-only access and 'private' grants read-write access. Exploiting these defaults allows an attacker to enumerate network devices, read configuration data, or even modify device settings (with the private string). SMTP (choice A) is an email transfer protocol and has no concept of community strings. DNS (B) and HTTP (D) are likewise unrelated to community strings. The correct answer to this question should be C (SNMP). Verify against your source material.

Topics

#SNMP#community strings#default credentials#network protocols

Community Discussion

No community discussion yet for this question.

Full PT0-001 Practice