Last Updated on August 7, 2021 by Admin 3
You recently implemented SNMPv3 to increase the security of your network management system. A partial output of the show run command displays the following output that relates to SNMP:
<output omitted> snmp-server group TECHS v3 noauth read TECHS write TECHS
Which of the following statements is true of this configuration?
- It provides encryption, but it does not provide authentication
- It provides neither authentication nor encryption
- It provides authentication, but it does not provide encryption
- It provides both authentication and encryption
It provides neither authentication nor encryption. In SMNPv3, there are three combinations of security that can be used:
– noAuthNoPriv- no authentication and no encryption; includes the noauth keyword in the configuration
– AuthNoPriv – messages are authenticated but not encrypted; includes the auth keyword in the configuration
– AuthPriv – messages are authenticated and encrypted; includes the priv keyword in the configuration
In this case, the keyword noauth in the configuration indicates that no authentication and no encryption are provided. This makes the implementation no more secure than SNMPv1 or SNMPv2.
In SNMPv1 and SNMPv2, authentication is performed using a community string. When you implement SNMP using the noauth keyword, it does not use community strings for authentication. Instead it uses the configured user or group name (in this case TECHS). Regardless, it does not provide either authentication or encryption.
Configure and verify device-monitoring protocols