This set of Computer Network Multiple Choice Questions & Answers (MCQs) focuses on “SNMPv3 User-based Security Model”.
1. The ability to control what data a user can read or write is known as ________
a) access control
b) power control
c) policy control
d) flow control
View Answer
Explanation: Access control is a security technique that allows users the access and also grants them the permission to make necessary changes in the data. The access control is divided majorly into two types. Those are: 1) Physical access control and 2) Logical access control.
2. Five type of threats exist to network management information while it is being transported from one management entity to another.
a) True
b) False
View Answer
Explanation: Four type of threats exist to network management information while it is being transported from one management entity to another. Those are: (1) modification of information, (2) masquerade, (3) message stream modification, and (4) disclosure.
3. The use of ______ involves defining collections of data, groups of users of the data, and access statements.
a) USM (User-Based Security Model)
b) VACM (View-Based Access Control Model)
c) MIB (Management Information Base)
d) MAC (Message Access Code)
View Answer
Explanation: In SNMPv3 access control has been made more flexible and secure. VACM defines a set of services that an application in an agent can use to validate command requests and notification receivers. Thus, VACM defines collections of data, groups of users of the data, and access statements.
4. An _________ SNMP engine is responsible for the accuracy of the time-stamp and a unique SNMP engine ID in each message.
a) administrative
b) informative
c) non-authoritative
d) authoritative
View Answer
Explanation: An SNMP engine that acts in the role of an agent is the designated authoritative SNMP engine. An authoritative SNMP engine is responsible for the accuracy of the time-stamp and a unique SNMP engine ID in each message.
5. What is the function of Masquerade in SNMPv3 security threats?
a) Some unauthorized user may modify the contents of the message while it is in transit
b) The message stream could be monitored by an unauthorized person by eavesdropping
c) An unauthorized user sends information to another assuming the identity of an authorized user
d) An authorized user is denied service by a management entity
View Answer
Explanation: Masquerade is when an unauthorized user sends information to another assuming the identity of an authorized user. This can be done by changing the originating address. Using the masquerade and modification of information, an unauthorized user can perform an operation on a management entity, which he or she is not permitted to do. The SNMP set operation should be protected against this attack.
6. Two algorithms are recommended in SNMPv3 for developing the key from the password. They are ______ and ______
a) Triple DES, RSA
b) Block Cipher Algorithm, Stream Cipher Algorithm
c) AES, DES
d) HMAC-MDS-96, HMAC-SHA-96
View Answer
Explanation: HMAC-MDS-96 and HMACSHA-96 are the two algorithms recommended in SNMPv3 for developing the key from the password. The first letter in the designation stands fur the cryptographic hash function (H) used for generating the Message Access Code (MAC). The second part in the designation is the bashing algorithm used, the first one being the MDS hashing algorithm, and the second one the SHA-1 hashing algorithm to generate MAC.
7. The first eight octets of the 24-octet privacy key are used to create the DES key.
a) True
b) False
View Answer
Explanation: The first eight octets of the 16-octet privacy key are used to create the DES key. The DES key is only 56 bits long and hence the least significant bit of each octet in the privacy key is discarded.
8. One important function of an NMS as a user is the discovery of agents in the network. This is accomplished by generating a ______ message.
a) report
b) response
c) request
d) setrequest
View Answer
Explanation: The discovery of agents in the agents by NMS, in the network is accomplished by generating a Request message with a security level of no-authentication and no-privacy, a user name of “initial,” an authoritative SNMP engine ID of zero length, and a varBind list that is empty.
9. What is the function of the access policy?
a) It permits the operation of changes and modification in a key
b) It provides a common medium for network devices to share management information
c) It has enhanced security features
d) It determines the access rights to objects as read-view, write-view, and notify-view
View Answer
Explanation: The access policy determines the access rights to objects as read-view, write-view, and notify-view. For a given groupName, contextName, securityModel and securityLevel, that group’s access rights are defined by either the combination of the three views or not-accessible.
10. An SNMP _______ is a collection of management information accessible by an SNMP entity.
a) Context
b) MIB View
c) Groups
d) Security Level
View Answer
Explanation: There are five elements of VACM model. They are: (I) groups, (2) security level (3) contexts, (4) MIB views and view families, and (5) access policy. An SNMP context is a collection of management information accessible by an SNMP entity. An SNMP entity has access to potentially more than one context. Each SNMP engine has a context table that lists the locally available contexts by contextName.
Sanfoundry Global Education & Learning Series – Computer Networks.
To practice all areas of Computer Networks, here is complete set of 1000+ Multiple Choice Questions and Answers.
If you find a mistake in question / option / answer, kindly take a screenshot and email to [email protected]
- Check Computer Network Books
- Practice Computer Science MCQs
- Practice MCA MCQs
- Check Computer Science Books
- Apply for Computer Science Internship
