Refer to the exhibit. which statement about the jr-admin account is true?

1. An administrator identified a regional user account through an enigma password on rexternal R1 for usage through SSH. Which 3 extra steps are forced to connumber R1 to accept just encrypted SSH connections? (Choose three.)

Enable inbound vty SSH sessions.*

Geneprice two-way pre-common secrets.

You watching: Refer to the exhibit. which statement about the jr-admin account is true?

Connumber DNS on the router.

Configure the IP domain name on the rexternal.*

Enable inbound vty Telnet sessions.

Generate the SSH secrets.*

2. Which set of commands are compelled to create a username of admin, hash the password making use of MD5, and also force the rexternal to accessibility the interior username database when a user attempts to access the console?

R1(config)# username admin password Admin01pa55R1(config)# line con 0R1(config-line)# login local

R1(config)# username admin trick Admin01pa55R1(config)# line con 0R1(config-line)# login local*

R1(config)# username admin Admin01pa55 encr md5R1(config)# line con 0R1(config-line)# login local

R1(config)# username admin password Admin01pa55R1(config)# line con 0R1(config-line)# login

R1(config)# username admin trick Admin01pa55R1(config)# line con 0R1(config-line)# login

3. Refer to the exhilittle. Which statement about the JR-Admin account is true?


JR-Admin can issue only ping regulates.

JR-Admin can concern display, ping, and also repack commands.

JR-Admin cannot issue any command bereason the privilege level does not complement among those identified.

JR-Admin can issue debug and reload commands.

JR-Admin deserve to concern ping and reload commands*

4. Which 3 locations of router protection have to be maintained to secure an edge rexternal at the network perimeter? (Choose 3.)

remote access security

zone isolation

router hardening*

operating device security*

flash security

physical security*

5. Which recommfinished defense practice stays clear of attackers from percreating password recoexceptionally on a Cisco IOS rexternal for the objective of gaining access to the privileged EXEC mode?

Locate the rexternal in a secure locked room that is easily accessible just to authorized personnel.*

Connumber secure governmental control to ensure that just authorized personnel can access the router.

Keep a secure copy of the router Cisco IOS photo and also rexternal configuration file as a backup.

Provision the rexternal with the maximum amount of memory feasible.

Disable all unsupplied ports and also interencounters to minimize the variety of methods that the router have the right to be accessed.

6. Refer to the exhilittle. Based on the output of the display running-config command, which type of view is SUPPORT?


CLI check out, containing SHOWVIEW and VERIFYVIEW commands

supercheck out, containing SHOWVIEW and VERIFYVIEW views*

secret watch, through a level 5 encrypted password

root watch, via a level 5 encrypted trick password

7. Which two characteristics apply to role-based CLI access superviews? (Choose two.)

A certain superview cannot have actually regulates included to it directly.*

CLI views have passwords, but superviews execute not have actually passwords.

A single supercheck out can be shared among multiple CLI views.

Deleting a supersee deletes all connected CLI views.

Users logged in to a supercheck out deserve to access all commands specified within the associated CLI views.*

8. Which 3 types of views are available once configuring the role-based CLI accessibility feature? (Choose 3.)


admin view

root view*

superuser view

CLI view*

config view

9. If AAA is currently permitted, which 3 CLI measures are compelled to connumber a router with a particular view? (Choose three.)

Create a superwatch utilizing the parser view view-name command.

Associate the check out through the root watch.

Assign customers that deserve to usage the check out.

Create a check out utilizing the parser watch view-name command.*

Assign an enigma password to the check out.*

Assign commands to the check out.*

10. What occurs after RSA secrets are generated on a Cisco rexternal to prepare for secure gadget management?

The keys need to be zeroized to reset Secure Shell before configuring other parameters.

See more: Back In The Day When I Was Young Im Not A Kid Anymore, Pin On Hip Hop Lyrics

All vty ports are instantly configured for SSH to provide secure administration.

The general-objective key size need to be specified for authentication through the crypto crucial generate rsa general-tricks moduluscommand also.

The generated tricks can be used by SSH.*

11. Which three statements describe restrictions in making use of privilege levels for assigning command also authorization? (Choose three.)

Creating a user account that needs access to many but not all regulates can be a tedious process.*

Views are required to define the CLI regulates that each user can accessibility.

Commands collection on a higher privilege level are not obtainable for lower privilege users.*

It is required that all 16 privilege levels be characterized, whether they are supplied or not.

There is no accessibility control to specific interencounters on a rexternal.*

The root user must be assigned to each privilege level that is characterized.

12. What command also must be issued to allow login enhancements on a Cisco router?

privilege exec level

login delay

login block-for*

banner motd

13. What is the default privilege level of user accounts produced on Cisco routers?





14. A netoccupational administrator notices that uneffective login attempts have actually resulted in a router to enter quiet mode. How can the administrator maintain remote accessibility to the netfunctions even throughout quiet mode?

Quiet mode actions deserve to be allowed using an ip access-group command on a physical interconfront.

Quiet mode habits will certainly only prevent specific user accounts from attempting to authenticate.

Quiet mode habits have the right to be overridden for specific netfunctions by utilizing an ACL.*

Quiet mode habits have the right to be disabled by an administrator by making use of SSH to connect.

15. What is a characteristic of the Cisco IOS Resilient Configuration feature?

It maintains a secure working copy of the bootstrap startup regime.

Once issued, the secure boot-config command automatically upqualities the configuration archive to a more recent version after new configuration commands have actually been entered.

A snapswarm of the router running configuration have the right to be taken and secucount archived in persistent storage.*

The secure boot-image command works appropriately when the system is configured to run a photo from a TFTP server.

16. What is a need to use the Secure Copy Protocol feature?

At least one user via privilege level 1 has to be configured for neighborhood authentication.

A command also have to be issued to enable the SCP server side use.*

A transfer have the right to just originate from SCP clients that are routers.

The Telnet protocol has to be configured on the SCP server side.

17. What is a characteristic of the MIB?

The OIDs are arranged in a ordered framework.*

Indevelopment in the MIB cannot be adjusted.

A separate MIB tree exists for any kind of provided gadget in the network.

See more: Is Currently Unable To Maintain A Stable Broadcast Connection To Steam.

Information is arranged in a flat manner so that SNMP can access it easily.

18. Which 3 items are motivated for a user response throughout interenergetic AutoSecure setup? (Choose three.)

IP addresses of interfaces

content of a defense banner*

permit key password*

services to disable

permit password*

interfaces to enable

19. A netjob-related engineer is implementing protection on all company routers. Which 2 regulates need to be issued to force authentication using the password 1A2b3C for all OSPF-allowed interencounters in the backbone location of the company network? (Choose two.)

location 0 authentication message-digest*

ip ospf message-digest-essential 1 md5 1A2b3C*

username OSPF password 1A2b3C

allow password 1A2b3C

location 1 authentication message-digest

20. What is the purpose of using the ip ospf message-digest-key essential md5 password command also and the area area-id authentication message-digest command on a router?

to configure OSPF MD5 authentication internationally on the router*

to permit OSPF MD5 authentication on a per-interface basis

to facilitate the establishment of neighbor adjacencies

to encrypt OSPF routing updates

21. What are 2 factors to allow OSPF routing protocol authentication on a network? (Choose 2.)

to administer data defense with encryption

to encertain quicker netoccupational convergence

to encertain more effective routing

to prevent information web traffic from being redirected and then discarded*

to prevent redirection of information web traffic to an insecure link*

22. Which two alternatives can be configured by Cisco AutoSecure? (Choose 2.)

permit trick password*

interface IP address


defense banner*


23. Which 3 functions are gave by the syslog logging service? (Choose three.)

establishing the dimension of the logging buffer

specifying wbelow caught indevelopment is stored*

gathering logging information*

authenticating and encrypting data sent out over the network

distinguishing between indevelopment to be caught and also indevelopment to be ignored*

retaining recorded messperiods on the rexternal as soon as a router is rebooted

24. What is the Control Plane Policing (CoPP) feature designed to accomplish?

disable manage aircraft services to minimize overall traffic

prevent unessential website traffic from overwhelming the path processor*

straight all excess website traffic amethod from the course process

control solutions gave by the regulate plane

25. Which 3 actions are developed by adding Cisco IOS login enhancements to the rexternal login process? (Choose 3.)

permit just secure consingle access