SY0-501 Question #266: Real Exam Question with Answer & Explanation

Question

Given the log output: Max 15 00:15:23.431 CRT: #SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: msmith] [Source: 10.0.12.45] [localport: 23] at 00:15:23:431 CET Sun Mar 15 2015 Which of the following should the network administrator do to protect data security?

Options

• AConfigure port security for logons
• BDisable telnet and enable SSH
• CConfigure an AAA server
• DDisable password and enable RSA authentication

Explanation

The log output indicates an insecure Telnet login on port 23, which transmits credentials and data in plaintext. To protect data security, the network administrator must replace this insecure protocol with a secure alternative.

Common mistakes.

• A. Configuring port security primarily restricts which MAC addresses can access a network port and does not encrypt the data transmitted over a remote access protocol like Telnet.
• C. While an AAA server centralizes authentication, authorization, and accounting, it does not encrypt the communication channel itself, meaning sensitive information would still be transmitted in plaintext if Telnet were used.
• D. Enabling RSA authentication, often used with SSH for stronger security, is a good practice, but it doesn't address the fundamental vulnerability of Telnet transmitting all data in plaintext; RSA authentication needs to be paired with a secure protocol like SSH.

Concept tested. Securing remote access protocols (Telnet vs. SSH)

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_ssh/configuration/xe-16/sec-conn-ssh-xe-16-book/sec-conn-ssh-xe-16-book_chapter_010.html

No community discussion yet for this question.