Certified Ethical Hacker (CEH v11) — Question 208
Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company's network. He decides to set up a SPAN port and capture all traffic to the datacenter. He immediately discovers unencrypted traffic on UDP port 161.
What protocol is this port using and how can he secure that traffic?
Answer options
- A. RPC and the best practice is to disable RPC completely.
- B. SNMP and he should change it to SNMP V3.
- C. SNMP and he should change it to SNMP V2, which is encrypted.
- D. It is not necessary to perform any actions, as SNMP is not carrying important information.
Correct answer: B
Explanation
The traffic on UDP port 161 is SNMP, which is not secure in its earlier versions. Upgrading to SNMP V3 is the correct approach because it includes security features like authentication and encryption, making it suitable for protecting sensitive information. The other options either name the wrong protocol or propose actions that do not address the security concern.