New CCNA – SNMP Questions.

By | July 6, 2017

New CCNA – SNMP Common Questions.

These are commonly asked CCNA SNMP exam questions. You might come across these but in a different contest, so its beneficial if you understand the topic well.

Read a bit on SNMP here

Question 1
Which three are the components of SNMP? (Choose three)
A. MIB
B. SNMP Manager
C. SysLog Server
D. SNMP Agent

Answer: A B D

Explanation
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents.
Read More here Reference: http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html#wp1017597)




Question 2
Which protocol can cause overload on a CPU of a managed device?
A. Netflow
B. WCCP
C. IP SLA
D. SNMP

Answer: D

Explanation
When you see message like this appear in the router console:
%SNMP-3-CPUHOG: Processing [chars] of [chars]
This mean that the SNMP agent is taken too much time to process a request from the SNMP Manager.
You can use the show process cpu command for verify what the cause of it.

(Reference: http://www.cisco.com/en/US/tech/tk648/tk362/technologies_tech_note09186a00800948e6.shtml)

Question 3
What is the alert message generated by SNMP agents called ?
A. TRAP
B. INFORM
C. GET
D. SET

Answer: A B

Explanation
A TRAP is a SNMP message sent from one application from a remote host to another.
This message is to notify the other application on updates of events and that its been acknowledged.
SNMPv2 PDUs fixed this by introducing the notion of an INFORM, which is nothing more than an acknowledged TRAP.

Question 4
Which three features are added in SNMPv3 over SNMPv2?
A. Message Integrity
B. Compression
C. Authentication
D. Encryption
E. Error Detection

Answer: A C D

Explanation
Cisco IOS software supports the following versions of SNMP:
* SNMPv1 – The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.
* SNMPv2c – The community-string based Administrative Framework for SNMPv2. SNMPv2c (the “c” stands for “community”) is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.
* SNMPv3 – Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are as follows:

* Message integrity: Ensuring that a packet has not been tampered with in transit.
* Authentication: Determining that the message is from a valid source.
* Encryption: Scrambling the contents of a packet prevent it from being learned by an unauthorized source.

(Reference: http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html#wp1010901)




Question 6
Which three statements about the features of SNMPv2 and SNMPv3 are true? (Choose three)
A. SNMPv3 enhanced SNMPv2 security features
B. SNMPv3 added the Inform protocol message to SNMP.
C. SNMPv2 added the Inform protocol message to SNMP.
D. SNMPv3 added the GetBulk protocol messages to SNMP.
E. SNMPv2 added the GetBulk protocol message to SNMP.
F. SNMPv2 added the GetNext protocol message to SNMP.

Answer: A C E

Explanation
SNMPv1/v2 can neither authenticate the source of a management message nor provide encryption. Without authentication, it is possible for unauthorized users to exercise SNMP network management functions. It is also possible for unauthorized users to eavesdrop on management information as it passes from managed systems to the management system. Because of these deficiencies, many SNMPv1/v2 implementations are limited to simply a read-only capability, reducing their utility to that of a network monitor; no network control applications can be supported. To correct the security deficiencies of SNMPv1/v2, SNMPv3 was issued as a set of Proposed Standards in January 1998.  A is correct.
(Reference: http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_1-3/snmpv3.html)

The two additional messages are added in SNMP2 (compared to SNMPv1)
GetBulkRequest : The GetBulkRequest message enables an SNMP manager to access large chunks of data. GetBulkRequest allows an agent to respond with as much information as will fit in the response PDU. Agents that cannot provide values for all variables in a list will send partial information.  E is correct.

InformRequest : The InformRequest message allows NMS stations to share trap information. (Traps are issued by SNMP agents when a device change occurs.) InformRequest messages are generally used between NMS stations, not between NMS stations and agents.  C is correct.

Question 7
Which three features are added in SNMPv3 over SNMPv2?
A. Message Integrity
B. Compression
C. Authentication
D. Encryption
E. Error Detection

Answer: A C D

Explanation
Cisco IOS software supports the following versions of SNMP:
* SNMPv1 – The Simple Network Management Protocol: A Full Internet Standard, defined in RFC 1157. (RFC 1157 replaces the earlier versions that were published as RFC 1067 and RFC 1098.) Security is based on community strings.
* SNMPv2c – The community-string based Administrative Framework for SNMPv2. SNMPv2c (the “c” stands for “community”) is an Experimental Internet Protocol defined in RFC 1901, RFC 1905, and RFC 1906. SNMPv2c is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.
* SNMPv3 – Version 3 of SNMP. SNMPv3 is an interoperable standards-based protocol defined in RFCs 2273 to 2275. SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network. The security features provided in SNMPv3 are as follows:

* Message integrity: Ensuring that a packet has not been tampered with in transit.
* Authentication: Determining that the message is from a valid source.
* Encryption: Scrambling the contents of a packet prevent it from being learned by an unauthorized source.
(Reference: http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf014.html#wp1010901)
– See more at: http://orbitco-ccna-pastquestions.com/New-CCNA-%E2%80%93-SNMP-Questions-.php#sthash.yc3Uclhk.dpuf