|Exam 400-101||Question id=774||Infrastructure Security|
At which security level does SNMPv3 use CBCDES to encrypt authentication?
At the noAuthNoPriv security level.|
At the authNoPriv security level.|
At the authPriv security level.|
At none of the security levels.|
Simple Network Management Protocol version 3 (SNMPv3) uses Cipher Block Chaining Data Encryption Standard (CBCDES) to encrypt authentication at the authPriv security level. SNMP is used to monitor and manage network devices by collecting statistical data about those devices. The authPriv security level authenticates by matching a Message Digest 5 (MD5) or Secure Hash Algorithm (SHA) hash of the user name. The authentication process is also encrypted by using either Data Encryption Standard (DES), Triple DES (3DES), or Advanced Encryption Standard (AES).
Three versions of SNMP currently exist. SNMPv1 and SNMPv2C do not provide encryption? password information, known as community strings, is sent as plain text with messages. If an attacker intercepts the message, the attacker can view the password information. SNMPv3 improves upon SNMPv1 and SNMPv2 by providing encryption, authentication, and message integrity to ensure that the messages are not tampered with during transmission. Two SNMPv3 security levels, authNoPriv and authPriv, authenticate by matching Hashbased Message Authentication CodeSHA (HMACSHA) or HMACMD5 authentication strings. The authPriv security level is the only SNMPv3 security level that can encrypt the authentication process.
The noAuthNoPriv security level in SNMPv3 authenticates by matching a user name sent as clear text. Earlier versions of SNMP, such as SNMPv1 and SNMPv2C,
match community strings instead of user names.