CompTIA Security+ (SY0-601) — Question 380

During an internal penetration test, a security analyst identified a network device that had accepted cleartext authentication and was configured with a default credential. Which of the following recommendations should the security analyst make to secure this device?

Answer options

• A. Configure SNMPv1.
• B. Configure SNMPv2c.
• C. Configure SNMPv3.
• D. Configure the default community string.

Correct answer: C

Explanation

The correct answer is C, as SNMPv3 provides enhanced security features, including authentication and encryption, which are crucial for protecting sensitive information. Options A and B, SNMPv1 and SNMPv2c, do not offer these security improvements and still transmit data in cleartext. Option D does not resolve the security issue of using default credentials and does not enhance overall security.