Certified Ethical Hacker (CEH v13) — Question 141

An ethical hacker has been tasked with assessing the security of a major corporation's network. She suspects the network uses default SNMP community strings. To exploit this, she plans to extract valuable network information using SNMP enumeration. Which tool could best help her to get the information without directly modifying any parameters within the SNMP agent’s management information base (MIB)?

Answer options

• A. SnmpWalk, with a command to change an OID to a different value
• B. snmp-check (snmp_enum Module) to gather a wide array of information about the target
• C. Nmap, with a script to retrieve all running SNMP processes and associated ports
• D. OpUtils, are mainly designed for device management and not SNMP enumeration

Correct answer: B

Explanation

The correct answer is B because snmp-check is specifically designed to gather extensive information about the target using SNMP enumeration without modifying the MIB. Option A is incorrect as SnmpWalk with a command to change an OID would alter the system. Option C, while useful for network scanning, does not focus on SNMP enumeration specifically. Option D mentions OpUtils, which is not tailored for SNMP enumeration tasks.