Last Updated on August 1, 2021 by Admin 1
You recently implemented SNMPv3 to increase the security of your network management system. A partial output of the show run command displays the following output that relates to SNMP.<output omitted>snmp-server group NORMAL v3 noauth read NORMAL write NORMAL
Which of the following statements is true of this configuration?
- it provides encryption, but it does not provide authentication
- it provides neither authentication nor encryption
- it provides authentication, but it does not provide encryption
- it provides both authentication and encryption
It provides neither authentication nor encryption. In SNMPv3 there are three combinations of security that can be used:
noAuthNoPriv- no authentication and no encryption noauth keyword in the configuration
AuthNoPriv – messages are authenticated but not encrypted auth keyword in the configuration
AuthPriv – messages are authenticated and encrypted priv keyword in the configuration
In this case, the keyword noauth in the configuration indicates that no authentication and no encryption are provided. This makes the implementation no more secure than SNMPv1 or SNMPv2.
In SNMPv1 and SNMPv2, authentication is performed using a community string. When you implement SNMP using the noauth keyword, it does not use community strings for authentication. Instead it uses the configured user or group name (in this case NORMAL). Regardless, it does not provide either authentication or encryption.
Configure and verify SNMP