Network Device Access Control and Infrastructure Security - Terminal Lines and Password Protection
9 important questions on Network Device Access Control and Infrastructure Security - Terminal Lines and Password Protection
What are the 3 basic methods to connect to the CLI of an IOS device?
2. Auxiliary port (line aux 0) Remote modem
3. Virtual terminal lines (line vty 0 4) Telnet/SSH
What 3 methods are available to password protect the terminal lines?
2. Using username-based authentication (recommended as fallback)
3. Using an AAA server (Highly recommended)
What 5 types of passwords are there in Cisco IOS?
2. Type 5 passwords (Improved Cisco Proprietary encryption. Uncrackable. Favorable over Type 0 and Type 7. Enable secret and Username secret.)
3. Type 7 passwords (Cisco Proprietary encryption. Known to be weak. Service password encryption.)
4. Type 8 passwords (PBKDF2 and SHA-256. Uncrackable)
5. Type 9 passwords (SCRYPT hashing. Uncrackable)
What are 3 ways to configure a Username and Password authentication on IOS?
2. With Username .. Secret .. Command (Type-5 encryption)
3. With Username .. Algorithm-type {MD5 | Sha256 | SCRYPT} (Type-5, Type-8 and Type-9 respectively)
What are the 3 default User Privilege Levels in IOS?
2. Privilege Level 1 (User EXEC mode. > sign. No configuration command possible.)
3. Privilege Level 15 (Privileged EXEC mode. # sign. All commands available)
How can the protocol access to vty lines be set?
SSHv2 is preferred over SSHv1. What is the minimum modulus length needed for SSHv2?
Which VLANs are allowed on a trunk link by default, and which methods can be used to change this?
Commands to change:
switchport trunk allowed vlan add (To add allowed vlans)
switchport trunk allowed vlan all (To add all vlans to allowed)
switchport trunk allowed vlan except (To add all vlans except list)
switchport trunk allowed vlan remove (remove allowed vlans)
What are the different possibilities to configure a NTP Access-Group?
1. Peer (Receive Time Requests and NTP Control Queries and allow synchronization.)
2. Serve (Receive Time Requests and NTP Control Queries)
3. Serve-Only (Receive Time Requests only)
4. Query-Only (Receive NTP Control Queries only)