SNMP is a protocol used to query hosts, servers, and devices about performance or health status
data. This protocol has long been used by hackers to gather great amount of information about
remote hosts.
Which of the following features makes this possible? (Choose two)
A.
It used TCP as the underlying protocol.
B.
It uses community string that is transmitted in clear text.
C.
It is susceptible to sniffing.
D.
It is used by all network devices on the market.
Explanation:
Simple Network Management Protocol (SNMP) is a protocol which can be used by
administrators to remotely manage a computer or network device. There are typically 2 modes of
remote SNMP monitoring. These modes are roughly ‘READ’ and ‘WRITE’ (or PUBLIC and
PRIVATE). If an attacker is able to guess a PUBLIC community string,they would be able to read
SNMP data (depending on which MIBs are installed) from the remote device. This information
might include system time,IP addresses,interfaces,processes running,etc. Version 1 of SNMP has
been criticized for its poor security. Authentication of clients is performed only by a “community
string”,in effect a type of password,which is transmitted in cleartext.