What step could help secure SNMP on a network after a SAS 70 audit?

Multiple Choice

What step could help secure SNMP on a network after a SAS 70 audit?

Explanation:
Changing the default SNMP community strings is the best choice because SNMP v1/v2c rely on these strings as simple passwords. If the community strings are left as defaults (like public for read-only or private for read-write), anyone who can reach the SNMP agent can read or modify its data. Replacing those defaults with unique, strong strings removes an easy entry point and aligns with SAS 70 requirements for secure configuration and access control.

Blocking a port isn’t as effective here: SNMP uses UDP port 161 (and traps on 162), so blocking an unrelated port (or TCP) won’t address the credential weakness. Blocking MAC addresses isn’t a reliable or practical SNMP security measure, since SNMP access is controlled at the network and device level and can be bypassed in many network topologies. Upgrading to SNMPv3 would provide authentication and encryption, but among the given options, changing the default community strings directly mitigates the most common risk after an audit.
