An administrator needs to configure the Cisco ASA via ASDM such that the network management system can actively monitor the host using SNMPv3. Which two tasks must be performed for this configuration? (Choose two.)
Only A and B.
C answer adds host for snmp traps
D: Has no impact on this question
E: Community string is only used in SNMP that is les that v3, so snmpv2
A. and B. are not mandatory configuration to apply because:
A: While USM (User-Based Security Model) is a core component of SNMPv3 for enhanced security, it's not strictly required. SNMPv3 can function with community-based security (like SNMPv1/v2c) if USM isn't configured, but USM is the recommended and more secure approach.
B: user groups is not mandatory in SNMPv3, but they are a recommended and beneficial way to manage SNMPv3 users and their access privileges.
E: community strings are not for SNMPv3.
Leaving the options for C and D:
Instead, Specifing the SNMP manager and UDP port, and Adding an SNMP host access entry is a must for the basic configuration.
ABC is correct.
host is also mandatory to allow incoming SNMPv3 packets:
https://www.cisco.com/c/en/us/td/docs/security/asa/asa92/asdm72/general/asa-general-asdm/monitor-snmp.html#56907:~:text=Use%20of%20the%20snmp%2Dserver%20host%20command%20creates%20an%20ASA%2C%20ASAv%2C%20or%20ASASM%20rule%20to%20allow%20incoming%20SNMP%20traffic.
SNMP Version 3 adds authentication and privacy options to secure protocol operations. In addition, this version controls access to the SNMP agent and MIB objects through the User-based Security Model (USM) and View-based Access Control Model (VACM). The ASA and ASASM also support the creation of SNMP groups and users, as well as hosts, which is required to enable transport authentication and encryption for secure SNMP communications
i think its C and E
Step 1
Choose Configuration > Device Management > Management Access > SNMP. By default, the SNMP server is enabled.
Step 2
Click Add in the SNMP Management Stations pane.
The Add SNMP Host Access Entry dialog box appears.
Step 3
Choose the interface on which the SNMP host resides.
Step 4
Enter the SNMP host IP address.
Step 5
Enter the SNMP host UDP port, or keep the default, port 162.
Step 6
Add the SNMP host community string. If no community string is specified for a management station, the value set in the Community String (default) field on the SNMP Management Stations pane is used.
Step 7
Choose the SNMP version used by the SNMP host.
Step 8
If you have selected SNMP Version 3 in the previous step, choose the name of a configured user.
Step 9
To specify the method for communicating with this NMS, check either the Poll or Trap check box.
Step 10
Click OK.
The Add SNMP Host Access Entry dialog box closes.
Step 11
Click Apply.
The NMS is configured and changes are saved to the running configuration. For more information about SNMP Version 3 NMS tools, see the following URL:
you are wrong, you are describing snmp v2
https://www.cisco.com/c/en/us/td/docs/security/asa/asa96/asdm76/general/asdm-76-general-config/monitor-snmp.html
upvoted 2 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Initial14
Highly Voted 2 years, 5 months agoBros86
Most Recent 3 days, 7 hours agoluismg
6 months, 1 week ago4pelos
1 year agoLTLnetworker
1 year, 2 months agoJessie45785
1 year, 11 months agojienBoq
2 years, 1 month agojienBoq
2 years, 1 month agoJoseph47
2 years, 1 month agoEmlia1
2 years, 3 months agoEmlia1
2 years, 3 months agoZ3R0IT
2 years, 6 months agoJessie45785
1 year, 11 months ago