Computer Hacking Forensic Investigator (CHFI v10) — Question 493

Your company's network just finished going through a SAS 70 audit. This audit reported that overall, your network is secure, but there are some areas that needs improvement. The major area was SNMP security. The audit company recommended turning off SNMP, but that is not an option since you have so many remote nodes to keep track of. What step could you take to help secure SNMP on your network?

Answer options

• A. Block all internal MAC address from using SNMP
• B. Block access to UDP port 171
• C. Block access to TCP port 171
• D. Change the default community string names

Correct answer: D

Explanation

Changing the default community string names is essential for SNMP security as it prevents unauthorized access to SNMP data by guessing the default strings. The other options, such as blocking MAC addresses or specific ports, do not address the fundamental vulnerability posed by default community strings that are widely known and can easily be exploited.