Home > Security Questions

Security Questions

October 27th, 2018 Go to comments

Question 1

Explanation

The service password-encryption command will encrypt all current and future passwords so any password existed in the configuration will be encrypted.

Question 2

Explanation

Usually we enter a command like this:

username bill password westward

And the system display this command as follows:

username bill password 7 21398211

The encrypted version of the password is 21398211. The password was encrypted by the Cisco-defined encryption algorithm, as indicated by the “7”.
However, if you enter the following command: “username bill password 7 21398211”, the system determines that the password is already encrypted and performs no encryption. Instead, it displays the command exactly as you entered it.

Reference: http://www.cisco.com/c/en/us/td/docs/ios/12_2/security/configuration/guide/fsecur_c/scfpass.html#wp1001412

Question 3

Question 4

Question 5

Explanation

This configuration will let someone telnet to that router without the password (so the line “password c1sco” is not necessary).

Question 6

Explanation

802.1x is an IEEE Standard for port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN.

Question 7

Explanation

All other answers are not recommended for a network security plan so only B is the correct answer.

Question 8

Explanation

The “enable secret” password is always encrypted (independent of the “service password-encryption” command) using MD5 hash algorithm.

Note: The “enable password” does not encrypt the password and can be view in clear text in the running-config. In order to encrypt the “enable password”, use the “service password-encryption” command. In general, don’t use enable password, use enable secret instead.

Comments (0) Comments
  1. No comments yet.
Add a Comment