nerdexam
GIAC

GSNA · Question #151

GSNA Question #151: Real Exam Question with Answer & Explanation

The correct answer is C. RouterA(config)#service password-encryption. In order to fulfill the requirements, you should use the following set of commands: RouterA(config)#service password-encryption RouterA(config)#username cisco password PaS$w0Rd RouterA(config)#enable secret n56e&$te RouterA(config)#line vty 0 4 RouterA(config- line)#login local A

Question

You are tasked with configuring your routers with a minimum security standard that includes the following: A local Username and Password configured on the router A strong privilege mode password Encryption of user passwords Configuring telnet and ssh to authenticate against the router user database Choose the configuration that best meets these requirements.

Options

  • ARouterA(config)#service password-encryption
  • BRouterA(config)#service password-encryption
  • CRouterA(config)#service password-encryption
  • DRouterA(config)#service enable-password-encryption

Explanation

In order to fulfill the requirements, you should use the following set of commands: RouterA(config)#service password-encryption RouterA(config)#username cisco password PaS$w0Rd RouterA(config)#enable secret n56e&$te RouterA(config)#line vty 0 4 RouterA(config- line)#login local Answer: D is incorrect. This configuration does not apply password encryption correctly. The command service enable-password- encryption is incorrect. The correct command is service password-encryption. Answer: A is incorrect. This configuration applies the login command to the VTY lines. This would require the password to be set at the VTY Line 0 4 level. This effectively will not configure user- level access for the VTY lines. Answer: B is incorrect. The enable password command is obsolete and considered insecure. The proper command is enable secret followed by the password value.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GSNA Practice