Home > ICND2 – SNMP Questions

ICND2 – SNMP Questions

March 23rd, 2017 in ICND2 200-105 Go to comments

Question 1

Explanation

The user-based access control implemented by SNMPv3 is based on contexts and user names, rather than on IP addresses and community strings. It is a partial implementation of the view-based access control model (VACM).

Question 2

Explanation

The first step we need to do when configuring an SNMPv3 user is to configure the server group to enable authentication for members of a specified named access list via the “snmp-server group” command. For example:

Router(config)# snmp-server group MyGroup v3 auth access snmp_acl

In this example, the SNMP server group MyGroup is configured to enable user authentication for members of the named access list snmp_acl.

Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/xe-3se/3850/snmp-xe-3se-3850-book/nm-snmp-snmpv3.html

Question 3

Question 4

Comments (6) Comments
  1. Anonymous
    March 25th, 2017

    Why Q3 and Q4 have different answers????

  2. 9tut
    March 26th, 2017

    @Anonymous: In fact they are the same, only the answers were shuffled. But we removed one of them because they are the same. Thanks for your detection!

  3. rfvaz
    April 1st, 2017

    Where are the questions?

  4. Kumo
    April 28th, 2017

    for Q4:
    the auth option adds authentication to message integrity, using a username and password, with IOS storing password in hash

    the priv option is an addition secure level after auth. It causes the SNMP manager and agent to encrypt the entire SNMP packet for all SNMP messages, in addition to performing message integrity and authentication.

    Therefore, the command must use priv to enable encryption.

  5. Civilizador
    July 28th, 2017

    Hi! In question 3.
    Which feature can you use to restrict SNMP queries to a specific OID tree?
    Why do You think that answer is B. a view record?