Exam N10-008 topic 1 question 440 discussion

This is not encrypted SNMP packet. Needs SNMPv3 & community string.

C. Set a private community string. D. Use SNMPv3. C. Set a private community string: The "community: public" line indicates that the default community string "public" is being used for SNMP requests. This is a well-known community string that is often used for testing but should not be used in production environments. Changing the community string to a private, unique value is essential to prevent unauthorized access. Only devices with the correct community string can access SNMP data. D. SNMPv3: SNMPv3 is the most secure version of SNMP. It provides authentication, data integrity, and encryption features to protect SNMP traffic. By using SNMPv3, the administrator can ensure that SNMP traffic is secure and protected from unauthorized access and data tampering.

D and E snmpv3 dosent use community string V1 and v2 do. "Transport Layer Security is the next generation of Secure Sockets Layer (SSL) and has been added to the SNMPv3 architecture."

Correct answers are D "Use SNMPv3" and F "Utilize IPSec tunneling". This is from CertMaster's The Official CompTIA Network+ Student Guide (p. 464): "For example, the original versions of SNMP are unencrypted. To implement secure SNMP, either configure SNMPv3, which supports encryption, or use an encapsulation protocol such as IPSec to encrypt SNMP traffic." The community (option C) is just like a password for SNMP, which in this case is the word "public". Setting a private community string does not make much sense.

C. Set a private community string and D. Use SNMPv3. the packet contains a community string of "public," which is the default community string for SNMPv1 and SNMPv2c. The administrator should set a private community string, which is a custom string used for SNMP authentication and authorization, to replace the default string.