Certified Ethical Hacker (CEH v12) — Question 42

Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company’s network. He decides to setup a SPAN port and capture all traffic to the datacenter. He immediately discovers unencrypted traffic in port UDP 161.
What protocol is this port using and how can he secure that traffic?

Answer options

• A. RPC and the best practice is to disable RPC completely.
• B. SNMP and he should change it to SNMP V3.
• C. SNMP and he should change it to SNMP V2, which is encrypted.
• D. It is not necessary to perform any actions, as SNMP is not carrying important information.

Correct answer: B

Explanation

The correct answer is B, as port UDP 161 is associated with SNMP, and upgrading to SNMP V3 enhances security through encryption and authentication features. Answers A and C are incorrect because disabling RPC is not relevant to SNMP, and SNMP V2 does not provide encryption, which makes it less secure than SNMP V3. Answer D is also wrong since SNMP can transmit sensitive device information.