You recently implemented SNMPv3 to increase the security of your network management system. A partial output of the show run command displays the following
output that relates to SNMP:
<output omitted>
snmp-server group TECHS v3 noauth read TECHS write TECHS
Which of the following statements is true of this configuration?
A.
It provides encryption, but it does not provide authentication
B.
It provides neither authentication nor encryption
C.
It provides authentication, but it does not provide encryption
D.
It provides both authentication and encryption
Explanation:
It provides neither authentication nor encryption. In SMNPv3, there are three combinations of security that can be used:
noAuthNoPriv- no authentication and no encryption; includes the noauth keyword in the configuration
AuthNoPriv – messages are authenticated but not encrypted; includes the auth keyword in the configuration
AuthPriv – messages are authenticated and encrypted; includes the priv keyword in the configuration
In this case, the keyword noauth in the configuration indicates that no authentication and no encryption are provided. This makes the implementation no more
secure than SNMPv1 or SNMPv2.
In SNMPv1 and SNMPv2, authentication is performed using a community string. When you implement SNMP using the noauth keyword, it does not use community
strings for authentication. Instead it uses the configured user or group name (in this case TECHS). Regardless, it does not provide either authentication or
encryption.
Objective:
Infrastructure Management
Sub-Objective:
Configure and verify device-monitoring protocolsSNMP Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3850 Switches) > SNMPv3