Certified Ethical Hacker (CEH v13) — Question 30

Bill is a network administrator. He wants to eliminate unencrypted traffic inside his company’s network. He decides to setup a SPAN port and capture all traffic to the datacenter. He immediately discovers unencrypted traffic in port UDP 161. What protocol is this port using and how can he secure that traffic?

Answer options

• A. RPC and the best practice is to disable RPC completely.
• B. SNMP and he should change it to SNMP V3.
• C. SNMP and he should change it to SNMP V2, which is encrypted.
• D. It is not necessary to perform any actions, as SNMP is not carrying important information.

Correct answer: B

Explanation

The correct answer is B, as UDP port 161 is used by SNMP (Simple Network Management Protocol), and switching to SNMP V3 provides authentication and encryption features to secure the traffic. Option A is incorrect because disabling RPC does not address the SNMP issue. Option C is wrong since SNMP V2 does not include encryption. Option D is also incorrect because unencrypted SNMP traffic can expose sensitive network information.