Certified Ethical Hacker (CEH v12) — Question 126

An ethical hacker has been tasked with assessing the security of a major corporation's network. She suspects the network uses default SNMP community strings. To exploit this, she plans to extract valuable network information using SNMP enumeration. Which tool could best help her to get the information without directly modifying any parameters within the SNMP agent’s management information base (MIB)?

Answer options

• A. SnmpWalk, with a command to change an OID to a different value
• B. snmp-check (snmp_enum Module) to gather a wide array of information about the target
• C. Nmap, with a script to retrieve all running SNMP processes and associated ports
• D. OpUtils, are mainly designed for device management and not SNMP enumeration

Correct answer: B

Explanation

The correct answer is B because snmp-check (snmp_enum Module) is specifically designed for SNMP enumeration, allowing the ethical hacker to gather extensive information without changing any parameters. Option A is incorrect because SnmpWalk is used to retrieve data but not for changing OIDs. Option C, while useful for discovering processes, does not focus solely on information retrieval through enumeration. Option D is also incorrect as OpUtils is not tailored for SNMP enumeration tasks.