nerdexam
Cisco

200-101 · Question #198

A network administrator needs to allow only one Telnet connection to a router. For anyone viewing the configuration and issuing the show run command, the password for Telnet access should be encrypted

The correct answer is A. service password-encryption access-list permit 192.168.1.0 0.0.0.255 line vty0 1 login password cisco access-class 1. This question has two requirements: (1) allow only one Telnet connection and (2) encrypt the Telnet password. Option A satisfies both. 'service password-encryption' encrypts the line VTY password so it appears encrypted in 'show run'. The access-list combined with 'access-class 1

Network Device Management

Question

A network administrator needs to allow only one Telnet connection to a router. For anyone viewing the configuration and issuing the show run command, the password for Telnet access should be encrypted. Which set of commands will accomplish this task?

Exhibit

200-101 question #198 exhibit

Options

  • Aservice password-encryption access-list permit 192.168.1.0 0.0.0.255 line vty0 1 login password cisco access-class 1
  • Benable password secret line vty0 login password cisco
  • Cservice password-encryption line vty0 login password cisco
  • Dservice password-encryption line vty0 4 login password cisco

How the community answered

(26 responses)
  • A
    69% (18)
  • B
    12% (3)
  • C
    4% (1)
  • D
    15% (4)

Explanation

This question has two requirements: (1) allow only one Telnet connection and (2) encrypt the Telnet password. Option A satisfies both. 'service password-encryption' encrypts the line VTY password so it appears encrypted in 'show run'. The access-list combined with 'access-class 1' restricts Telnet access to only the 192.168.1.0/24 network, effectively limiting who can connect. Option C lacks the access-list restriction. Option D uses 'line vty 0 4', which opens all five VTY lines (allowing multiple simultaneous sessions). Option B uses 'enable password secret' which is unrelated to VTY encryption and doesn't properly restrict Telnet. Option A provides both encryption and network-level restriction of Telnet access.

Topics

#service password-encryption#vty lines#Telnet access#access-class

Community Discussion

No community discussion yet for this question.

Full 200-101 Practice