Which statement about SNMP support on the Cisco ASA appliance is true?
A.
The Cisco ASA appliance supports only SNMPv1 or SNMPv2c.
B.
The Cisco ASA appliance supports read-only and read-write access.
C.
The Cisco ASA appliance supports three built-in SNMPv3 groups in Cisco ASDM:
Authentication and Encryption, Authentication Only, and No Authentication, No Encryption.
D.
The Cisco ASA appliance can send SNMP traps to the network management station only using
SNMPv2.
Explanation:
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/monitor_snmp.html#wp1
042029
SNMP Version 3 Overview
SNMP Version 3 provides security enhancements that are not available in SNMP Version 1 or
SNMP Version 2c. SNMP Versions 1 and 2c transmit data between the SNMP server and SNMP
agent in clear text. SNMP Version 3 adds authentication and privacy options to secure protocol
operations. In addition, this version controls access to the SNMP agent and MIB objects through
the User-based Security Model (USM) and Viewbased Access Control Model (VACM). The ASA
5500 series ASAs also support the creation of SNMP groups and users, as well as hosts, which is
required to enable transport authentication and encryption for secure SNMP communications.
Security Models
For configuration purposes, the authentication and privacy options are grouped together into
security models.
Security models apply to users and groups, and are divided into the following three types:
•NoAuthPriv—No Authentication and No Privacy, which means that no security is applied to
messages.
•AuthNoPriv—Authentication but No Privacy, which means that messages are authenticated.
•AuthPriv—Authentication and Privacy, which means that messages are authenticated and
encrypted.