SNMP Questions
Note: If you are not sure about SNMP, please read our SNMP tutorial.
Question 1
Explanation
“The engineer is not concerned with authentication or encryption” so we don’t need to use SNMP version 3. And we only use “one-way SNMP notifications” so SNMP messages should be sent as traps (no need to acknowledge from the SNMP server) -> A is correct.
Question 2
Explanation
There are three SNMP security levels (for SNMPv1, SNMPv2c, and SNMPv3):
+ noAuthNoPriv: Security level that does not provide authentication or encryption.
+ authNoPriv: Security level that provides authentication but does not provide encryption.
+ authPriv: Security level that provides both authentication and encryption.
For SNMPv3, “noAuthNoPriv” level uses a username match for authentication.
Question 3
Explanation
The SNMPv3 Agent supports the following set of security levels:
+ NoAuthnoPriv: Communication without authentication and privacy.
+ AuthNoPriv: Communication with authentication and without privacy. The protocols used for Authentication are MD5 and SHA (Secure Hash Algorithm).
+ AuthPriv: Communication with authentication and privacy. The protocols used for Authentication are MD5 and SHA ; and for Privacy, DES (Data Encryption Standard) and AES (Advanced Encryption Standard) protocols can be used. For Privacy Support, you have to install some third-party privacy packages.
Question 4
Explanation
The SNMPv3 Agent supports the following set of security levels:
+ NoAuthnoPriv: Communication without authentication and privacy.
+ AuthNoPriv: Communication with authentication and without privacy. The protocols used for Authentication are MD5 and SHA (Secure Hash Algorithm).
+ AuthPriv: Communication with authentication and privacy. The protocols used for Authentication are MD5 and SHA ; and for Privacy, DES (Data Encryption Standard) and AES (Advanced Encryption Standard) protocols can be used. For Privacy Support, you have to install some third-party privacy packages.
In the CLI, we use “priv” keyword for “AuthPriv” (“noAuth” keyword for “noAuthnoPriv”; “auth” keyword for “AuthNoPriv”). The following example shows how to configure a remote user to receive traps at the “priv” security level when the SNMPv3 security model is enabled:
Router(config)# snmp-server group group1 v3 priv
Router(config)# snmp-server user PrivateUser group1 remote 1.2.3.4 v3 auth md5 password1 priv access des56
Question 5
Explanation
The “snmp-server manager” command is used to start the SNMP manager process. In other words, it allows the SNMP manager to begin sending and receiving SNMP requests and responses to the SNMNP agents.
Note: SNMP Manager (sometimes called Network Management System – NMS) is a software runs on the device of the network administrator (in most case, a computer) to monitor the network.
Question 6
Explanation
Both SNMPv1 and v2 did not focus much on security and they provide security based on community string only. Community string is really just a clear text password (without encryption). Any data sent in clear text over a network is vulnerable to packet sniffing and interception.
SNMPv3 provides significant enhancements to address the security weaknesses existing in the earlier versions. The concept of community string does not exist in this version. SNMPv3 provides a far more secure communication using entities, users and groups. This is achieved by implementing three new major features:
+ Message integrity: ensuring that a packet has not been modified in transit.
+ Authentication: by using password hashing (based on the HMAC-MD5 or HMAC-SHA algorithms) to ensure the message is from a valid source on the network.
+ Privacy (Encryption): by using encryption (56-bit DES encryption, for example) to encrypt the contents of a packet.
Note: Although SNMPv3 offers better security but SNMPv2c however is still more common.
Question 7
Question 8
Explanation
The command “show snmp user” displays information about the configured characteristics of SNMP users. The following example specifies the username as abcd with authentication method of MD5 and encryption method of 3DES.
| Router#show snmp user abcd User name: abcd Engine ID: 00000009020000000C025808 storage-type: nonvolatile active access-list: 10 Rowstatus: active Authentication Protocol: MD5 Privacy protocol: 3DES Group name: VacmGroupName Group name: VacmGroupName |
Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t2/snmpv3ae.html
Question 9
Question 10
Explanation
The snmp-server host global configuration command is used to specify the recipient of an SNMP notification operation, in this case 192.168.1.3. In other words, traps of the local router will be sent to 192.168.1.3. Therefore this command is often used to manage the device.
Question 11
Explanation
The SNMP Manger can send GET, GET-NEXT and SET messages to SNMP Agents. The Agents are the monitored device while the Manager is the monitoring device. In the picture below, the Router, Server and Multilayer Switch are monitored devices.
can anyone please send new dumps for CCNP-ROute exam?
please please please. I have exam on feb 21st 2017. Please help.. send dumps to
s m i l e s . p r i y a 0 9 @ g m a i l . c o m
***HELP PLEASE**Please send me latest dumps. I’ll be taking the exam this week. I promise to give back when I passed. I promise to share it. Just help me for now. For those who just recently took the exam please help us. Thanks
Send here the dumps and some advices:
infinity143(@)(Gmail)(dot)(com)
I don’t see your question above Explanation..or I may be missing to find out your question before explnation or answer. Can you guide me to get the question before digging into answers or explanation!!!!
Please send to my email about dump file ccnp if you have.
Many thanks!
Phungtrungtuan( @ )gmail.com
hello
dash123 @ gmail .com
For Q11, B should be one of answers.
For my opinion, Q11 the answers are BCD. The Agents are the monitored device => F is not the answer
I have the same answer as Quyet Doan
The Agents are the monitored device => F is not the answer!
Please DIGITALTUT correct this
Tomorror, I’m going to present this Exam.
with studies, LAB, LAB LAB and a lot of DIGITALTUT, I think I could pas
Wish me sucess. Pray for me :)
Passed with the 440q dumps from it libraries.
Confirming the 539q dumps are valid.
Confirming the 539q dumps are valid.
Does anyone have the full version for the 539q por the Route Exam? Saw the dumps and it only contains 417 questions… Please HELP!!!
Passed today, used the 440q dumps.
SNMP is very important..in the exam ou ll also see some questions..check this
https://ipcisco.com/snmp/
Hello folks
Please someone who took the test recently (No spammers) please confirm the dumps that we can trust or if the questions in this site are correct.
Not only for me, maybe for all of who will take the test.
for question 11. i think the answer will be B,C,D.
Please correct me .
Confirming the 440q dumps are valid. I used the ones from it Libaries.
For Q5:
” The SNMP manager process sends SNMP requests to agents and receives SNMP responses and notifications from agents. When the SNMP manager process is enabled, the router can query other SNMP agents and process incoming SNMP traps.
Most network security policies assume that routers will be accepting SNMP requests, sending SNMP responses, and sending SNMP notifications. With the SNMP manager functionality enabled, the router may also be sending SNMP requests, receiving SNMP responses, and receiving SNMP notifications. The security policy implementation may need to be updated prior to enabling this functionality.”
Smashed my route exam today, 9xx used the dumps from it libraries and tut.
@tut, please send latest questions and its answers. Thank you.
what is answer of Question 2?
Which SNMP security level is available across all versions of the protocol?