Home > SNMP Questions

SNMP Questions

March 23rd, 2020 Go to comments

Note: If you are not sure about SNMP, please read our Simple Network Management Protocol SNMP Tutorial.

Question 1

Explanation

The command “show snmp user” displays information about the configured characteristics of SNMP users. The following example specifies the username as abcd with authentication method of MD5 and encryption method of 3DES.

Router#show snmp user abcd
User name: abcd
Engine ID: 00000009020000000C025808
storage-type: nonvolatile active access-list: 10
Rowstatus: active
Authentication Protocol: MD5
Privacy protocol: 3DES
Group name: VacmGroupName
Group name: VacmGroupName

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t2/snmpv3ae.html

Note: The command “show snmp group” displays the names of groups on the router and the security model, the status of the different views, and the storage type of each group. Below is an example of this command.

show_snmp_group.jpg

Reference: https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/system_management/configuration/guide/sm_nx_os_cg/sm_9snmp.html

Question 2

Explanation

The syntax of configuring a SNMP community string is:

snmp-server community string [ view view-name ] [ ro | rw ] [ access-list-number ]

By default, the community string permits read-only (ro) access to all objects. Therefore the first command in the exhibit above means “allow a SNMP manager that matches access-list 1 and use the password “ciscotest” to have Read-Only access to this device.

But the question mentioned that the network operations cannot read or write configuration to this device so there are two issues with above SNMP statement:
+ Maybe ACL 1 did not match the IP address of the network operations so we have to modify ACL 1 to “permit” the operations subnet.
+ This SNMP configuration only allows Read-Only permission so we have to configure the rw permission by adding the “rw” keyword after the community string (but before the ACL number).

Comments (9) Comments
  1. Anonymous
    May 10th, 2020

    Hi
    for question 2: answer is AB as per your explanation, correct ?

  2. curious_P
    June 1st, 2020

    I was also wondering the same. Isn’t the answer for second question A and B as per your explanation??

  3. Anonymous
    June 1st, 2020

    I thought as well as his explanation.

  4. gre47
    June 28th, 2020

    Anonymous and curious,I believe the right answer is A and B as well.
    From the OCG the example for correct snmp config is:
    snmp-server community cisco ro 10
    snmp-server host 10.1.100.100 informs version 2c cisco
    …config config..
    standard ip access list 10
    10 permit 10.1.100.100

    So, there must be some acl 1 with something wrong or missing regarding the subnet.
    C and D are wrong since 1 doesn’t refer to the version number but to an access list.

    Anyone to confirm?

  5. NETEngineer
    July 23rd, 2020

    @NEtworktut; Check Q2 Answer should be A and B. Please confirm.

  6. networktut
    July 24th, 2020

    @NETEngineer: Thanks for your detection, we have just updated Q2.

  7. OPS
    January 27th, 2021

    @netwoktut are you sure there are all questions here? i’m seeing that, in general, many questions are missing from others important topics. It’s impossible that there are only 2 questions for SNMP.
    We have some question that was present in old dump for Route exam (300-101). How is possible.
    Thank you!

  8. networktut
    January 28th, 2021

    @OPS: This is a new exam so the questions in the database are still small. Some topics in the ENARSI exam are same in ROUTE exam so some old questions are still present. It is normal.

  9. Aries
    March 29th, 2022

    Hi, are questions and dump still valid in 2022 in order to renew CCNP? Thanks