Question 84 of 250 from exam 400-201: Cisco CCIE Service Provider Written Exam

Question 84 of 250 from exam 400-201: Cisco CCIE Service Provider Written Exam


SNMPv3 provides which three security features? (Choose three.)



A. B. C. D. E. F.



SNMPv3 is the latest version of the Simple Network Management Protocol (SNMP), which is used to manage and monitor network devices. It provides enhanced security features to ensure that the SNMP traffic is secure and cannot be easily intercepted or tampered with by unauthorized parties. The three security features provided by SNMPv3 are:

A. Encrypted user password: SNMPv3 provides a strong level of security by encrypting the user password that is used to access the SNMPv3-enabled device. This is achieved using the Advanced Encryption Standard (AES) algorithm, which is a highly secure encryption standard used by many organizations.

B. Authentication based on MD5 or SHA algorithms: SNMPv3 uses Message Digest 5 (MD5) or Secure Hash Algorithm (SHA) to authenticate SNMPv3 messages between devices. This ensures that only authorized devices are allowed to communicate with each other and that the data exchanged between them is not tampered with in transit.

F. Message integrity: SNMPv3 provides message integrity to ensure that SNMP messages are not tampered with during transit. It uses the same MD5 or SHA algorithms used for authentication to create a checksum of the message contents. The receiving device then verifies the checksum to ensure that the message has not been modified in transit.

C, D, and E are not correct answers:

C. Device hostname that is authenticated via AES algorithm: SNMPv3 does not authenticate the device hostname via the AES algorithm. It uses the AES algorithm to encrypt the user password.

D. DES 56-bit encryption: SNMPv3 does not use DES encryption. It uses AES encryption, which is a stronger and more secure encryption standard.

E. Private community information that is exchanged out-of-band: SNMPv3 does not exchange private community information out-of-band. Instead, it uses a secure SNMPv3 user ID and password to authenticate SNMP messages between devices.