Description: This event is generated when an attempt is made by Simple Network Management Protocol (SNMP) to enumerate Server Message Block (SMB) users on the host.
Impact: Reconnaissance. An attacker may obtain SMB usernames of the remote host.
Corrective: Block inbound SNMP traffic. Disable SNMP as a listening service on the remote host unless it is required.