CCDE: Cisco Certified Design Expert (Written) — Question 45

Which two practices should you implement to increase SNMPv1 security? (Choose two.)

Answer options

• A. Restrict access to the specific SNMP engine IDs in use.
• B. Use ACLs to allow only specific IP addresses to poll SNMP.
• C. Use a combination of alphanumeric characters for the community strings.
• D. Use SNMP encryption for transport confidentiality.

Correct answer: B, C

Explanation

The correct answers, B and C, focus on restricting access and improving the complexity of community strings, which are essential for enhancing security. Option A is not effective because it doesn't provide a practical method for securing SNMPv1. Option D is incorrect as SNMPv1 does not support encryption, making it irrelevant to increasing its security.