ICND2 – SNMP Questions
[am4show have=’p2;’]
Premium Member: You can test your knowledge with these questions first via this link.
[/am4show]
Question 1
[am4show have=’p2;’]Which version of SNMP first allowed user-based access?
A. SNMPv3 with RBAC
B. SNMPv3
C. SNMPv1
D. SNMPv2
Answer: B[/am4show]
Explanation
The user-based access control implemented by SNMPv3 is based on contexts and user names, rather than on IP addresses and community strings. It is a partial implementation of the view-based access control model (VACM).
Question 2
[am4show have=’p2;’]What is the first step you perform to configure an SNMPv3 user?
A. Configure server traps.
B. Configure the server group.
C. Configure the server host.
D. Configure the remote engine ID.
Answer: B[/am4show]
Explanation
The first step we need to do when configuring an SNMPv3 user is to configure the server group to enable authentication for members of a specified named access list via the “snmp-server group” command. For example:
| Router(config)# snmp-server group MyGroup v3 auth access snmp_acl |
In this example, the SNMP server group MyGroup is configured to enable user authentication for members of the named access list snmp_acl.
Question 3
[am4show have=’p2;’]Which feature can you use to restrict SNMP queries to a specific OID tree?
A. a server group
B. a view record
C. a community
D. an access group
Answer: B[/am4show]
Question 4
[am4show have=’p2;’]What is the minimum command to turn on encryption on SNMP?
A. SNMPV3authpriv
B. SMNPV3authnopriv
C. SNMPV3noauthpriv
D. SMNPV2authnopriv
E. SNMPV2NOAUTHPRIV
F. SNMPV2AUTHNOPRIV
Answer: A[/am4show]
Why Q3 and Q4 have different answers????
@Anonymous: In fact they are the same, only the answers were shuffled. But we removed one of them because they are the same. Thanks for your detection!
Where are the questions?
for Q4:
the auth option adds authentication to message integrity, using a username and password, with IOS storing password in hash
the priv option is an addition secure level after auth. It causes the SNMP manager and agent to encrypt the entire SNMP packet for all SNMP messages, in addition to performing message integrity and authentication.
Therefore, the command must use priv to enable encryption.
Hi! In question 3.
Which feature can you use to restrict SNMP queries to a specific OID tree?
Why do You think that answer is B. a view record?
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/xe-3se/3850/snmp-xe-3se-3850-book/nm-snmp-snmpv1.html
Why we see the word “Question 3” without the written actual question? It is something I still don’t understand from 9tut, could you please kindly explain 9tut?.
@MexicanAnonimous
questions are on the premium side. Basically you can read the explanations and infer a question based off the answers. But if you want to actually see the real question you need to become a premium member
Do someone knows if Netflow is covered in the actual ICND2 exam?
Passed today, used the 398q dumps.
Al
Where can I find 398q dumps?
could someone email me the 398q dumps.. jayoverlord @ gmail
hi jay, did you receive them? can anyone send them to me? {email not allowed}
bas_P_1989@ hotmail com
where can i find 398q dumps
Ans to Q 3 : view record
You can assign views to community strings to limit which MIB objects an SNMP manager can access.
The syntax to create a view record is shown below:
Router(config)# snmp-server view view-name oid-tree {included | excluded}