The Chief Information Officer at your company asked you to restrict the read-onl
ID: 3788455 • Letter: T
Question
The Chief Information Officer at your company asked you to restrict the read-only function of a requesting SNMP management station based on the IP address. Discuss the ways you can accomplish the request efficiently. Do you think network administrators should have the final say with regard to security, or should it be left to the business unit? Why do you think that? If it were up to you to write the policies, what would you do? Remember, there is no right or wrong answer; this is a question each company has to struggle with. It’s important that you start to form your thoughts and feeling now.
Explanation / Answer
The efficient way to restrict read only function of requesting SNMP management based on IP is to place an Access control list on the line when configuring the RO(read-only)community string.
To do this we need to modify the current RO community string-delete the current RO and enter new RO
Delete:Router(config)#no snmp-server community public RO
New RO:Router(config)#no snmp-server community XXXX RO(XXXX is read only community string).
Adminstartors should have sync up with business in regard to security.hence the security can be implemented as expected.