單項選擇題The enable secret password appears as an MD5 hash in a router’s configuration file, whereas the enablepassword is not hashed (or encrypted, if the password-encryption service is not enabled). What is thereason that Cisco still support the use of both enable secret and enable passwords in a router’sconfiguration?()

A.The enable password is present for backward compatibility.
B.Because the enable secret password is a hash, it cannot be decrypted. Therefore, the enable password is used to match the password that was entered, and the enable secret is used to verify that the enablepassword has not been modified since the hash was generated.
C.The enable password is considered to be a router’s public key, whereas the enable secret password is considered to be a router’s private key.
D.The enable password is used for IKE Phase I, whereas the enable secret password is used for IKE Phase II.


您可能感興趣的試卷

你可能感興趣的試題

1.單項選擇題

Which statement best describes the relationships between AAA function and TACACS+, RADIUS based onthe exhibit shown?()

A.TACACS+ - P4S1 and P4S4RADIUS - P4S2 and P4S3
B.TACACS+ - P4S2 and P4S4RADIUS - P4S1 and P4S3
C.TACACS+ - P4S1 and P4S3Actual RADIUS - P4S2 and P4S4
D.TACACS+ - P4S2 and P4S3RADIUS - P4S1 and P4S4

2.單項選擇題What will be enabled by the scanning technology-The Dynamic Vector Streaming (DVS)?()

A.Firmware-level virus detection
B.Signature-based virus filtering
C.Layer 4 virus detection
D.Signature-based spyware filtering

3.多項選擇題

Given the exhibit below. You are a network manager of your company. You are reading your Syslog serverreports. On the basis of the Syslog message shown, which two descriptions are correct?()

A.This is a normal system-generated information message and does not require further investigation.
B.Service timestamps have been globally enabled.
C.This message is unimportant and can be ignored.
D.This message is a level 5 notification message.

4.單項選擇題If a switch is working in the fail-open mode, what will happen when the switch’s CAM table fills to capacityand a new frame arrives?()

A.A copy of the frame is forwarded out all switch ports other than the port the frame was received on.
B.The frame is transmitted on the native VLAN.
C.The switch sends a NACK segment to the frame’s source MAC address.
D.The frame is dropped.

5.單項選擇題

Which description is true about the show login command output displayed in the exhibit?()

A.Three or more login requests have failed within the last 100 seconds.
B.When the router goes into quiet mode, any host is permitted to access the router via Telnet,actual   SSH, and HTTP, since the quiet-mode access list has not been configured.
C.The login block-for command is configured to block login hosts for 93 seconds.
D.All logins from any sources are blocked for another 193 seconds.

6.多項選擇題Based on the following items, which two types of interfaces are found on all network-based IPS sensors?()

A.Loopback interface
B.Command and control interface
C.Monitoring interface
D.Management interface

7.單項選擇題When configuring Cisco IOS login enhancements for virtual connections, what is the "quiet period"?()

A.The period of time in which virtual login attempts are blocked, following repeated failed login attempts
B.The period of time in which virtual logins are blocked as security services fully initialize
C.A period of time when no one is attempting tolog in
D.The period of time between successive login attempts

8.單項選擇題For the following options ,which one accurately matches the CLI command(s) to the equivalent SDM wizardthat performs similar configuration functions?()

A.aaa configuration commands and the SDM Basic Firewall wizard
B.setup exec command and the SDM Security Audit wizard
C.auto secure exec command and the SDM One-Step Lockdown wizard
D.Cisco Common Classification Policy Language configuration commands and the SDM Site-to- Site VPN

9.單項選擇題What is the MD5 algorithm used for?()

A.takes a fixed-length message and produces a 128-bit message digest
B.takes a variable-length message and produces a 168-bit message digest
C.takes a message less than 2^64 bits as input and produces a 160-bit message digest
D.takes a variable-length message and produces a 128-bit message digest ActualTests.com

10.單項選擇題Which statement best describes configuring access control lists to control Telnet traffic destined to therouter itself?()

A.The ACL applied to the vty lines has no in or out option like ACL being applied to an interface.
B.The ACL is applied to the Telnet port with the ip access-group command.
C.The ACL must be applied to each vty line individually.
D.The ACL should be applied to all vty lines in the in direction to prevent an unwanted user from connecting to an unsecured port.

最新試題

Refer to the exhibit. Which statement is correct based on the show login command output shown?()

題型:單項選擇題

Which statement is correct regarding the aaa configurations based on the exhibit provided?()

題型:單項選擇題

Which name is of the e-mail traffic monitoring service that underlies that architecture of IronPort?()

題型:單項選擇題

Which type of MAC address is dynamically learned by a switch port and then added to the switch’s runningconfiguration?()

題型:單項選擇題

Refer to the exhibit. You are the network security administrator responsible for router security.Your networkuses internal IP addressing according to RFC 1918 specifications.From the default rules shown,whichaccess control list would prevent IP address spoofing of these internal networks?()

題型:單項選擇題

In an IEEE 802.1x deployment,between which two devices EAPOL messages typically are sent?()

題型:單項選擇題

Refer to the exhibit. Based on the VPN connection shown, which statement is true?()

題型:單項選擇題

What is the objective of Diffie-Hellman?()

題型:單項選擇題

When configuring role-based CLI on a Cisco router,which action will be taken first ?()

題型:單項選擇題

Which option ensures that data is not modified in transit?()

題型:單項選擇題