Exam 400-007 topic 1 question 234 discussion

SNMPv3 Prevents MITM attacks, replay attacks, and tampering. SNMPv1, is plain text with no authentication. MITM attack is more likely, the doesn't need to impersonate - simply listen n.

I think ans is B. SNMPv3 combats the threat of impersonation by providing authentication and encryption capabilities; SNMPv3 provides enhanced user and message authentication and data encryption, reducing the risk of unauthorized entities acting as legitimate administrators in the network . In this way, it provides protection against the threat of impersonation.

Should be B https://www.cisco.com/c/en/us/td/docs/routers/xr12000/software/xr12k_r3-9/system_management/configuration/guide/yc39xr12k_chapter10.html

https://snmp.com/snmpv3/snmpv3_intro.shtml#:~:text=Security%20Threats%20and%20SNMPv3%20Protection,-Secure%20management%20with&text=Prevents%20eavesdropping%20by%20protocol%20analyzers%2C%20etc.%2C%20by%20using%20encryption.&text=Verifies%20operator%20authorization%20and%20protects,of%20policy%2Dbased%20management).

https://snmp.com/snmpv3/snmpv3_intro.shtml "Security Threats and SNMPv3 Protection" section.

Change mind. Should be B - masquerade threats

https://www.comparitech.com/net-admin/common-snmp-vulnerabilities/ Both the original SNMPv1 and SNMPv2c are vulnerable to this type of attack because they display community strings in clear-text. As a consequence, one of the best ways to protect against DoS and man-in-the-middle attacks is to avoid using SNMPv1 and SNMPv2c, while restricting SNMP-enabled devices to read-only access.

SSL is "man-in-the-middle attack",so D is not.

A https://www.comparitech.com/net-admin/common-snmp-vulnerabilities/ CVE-2002-0013 – Attackers can exploit SNMPv1 to launch a DoS attack or gain access privileges by overwhelming SNMP by sending a high number of GetRequest, GetNextRequest, or SetRequest messages. CVE-2002-0012 – Attackers can use SNMPv1 trap handling to execute a DoS attack or gain access privileges.