a problem

urvi

I got this question in my ccna class-
Router(config)# hostname Router1
Router1(config)# enable secret sanfran
Router1(config)# enable password cisco
Router1(configJ# line vty 0 4
Router1(config-line)# password sanjose
Router1(config-line)#
The network administrator made the entries that are shown and then saved the configuration.
From a console connection, what password or password sequence is required for the
administrator to access privileged mode on Router1?
A. cisco
B. sanfran
C. sanjose
D. either cisco or sanfran
E. either cisco or sanjose
F. sanjose and sanfran

Can anyone help me with the answer?

theodoxa

Since there is no configuration for the Console line (console 0), the only password you need to concern yourself with is the enable password, which is required to reach privileged mode. At that point, he is checking to see if you realize that an enable secret will supercede/override an enable password.

[EDIT] You can configure a password on any of the lines (console, aux, or vty) by entering line configuration mode (type "line LINE" in global configuration mode, replacing LINE with whatever line you wish to configure) and the type "password PASSWORD" followed by "login". To set a password to reach enable/privileged mode you would type [in global configuration mode] "enable password PASSWORD" or "enable secret PASSWORD". The latter will encrypt the password with MD5 (basically irreversible) so that noone can discover it by looking at the configuration. I bought 4 routers on eBay recently and when they arrived I began password recovery on them. I noticed looking at the startup-config of one router that they had encrypted the enable password/secret, but had left the vty line password in plain text. I checked and wouldn't you know it, they had used the same password for everything (vty, enable) and on all the routers [which came from 4 different stores across the US].

NetworkVeteran

Can anyone help me with the answer?

Sure! Here's the IOS command reference--

Cisco IOS Security Command Reference - Cisco Systems

Look-up what each of the three commands do. Then, make your best guess and explain why you chose that answer and not the others. We'd then be in a good position to clear-up any misunderstandings!

iamme4eva

urvi - This is a perfect opportunity for you to get some equipment, or fire up packet tracer, and try it. That way you will get a much better understanding of the concepts.

havenlad

Just read the explanation you gave and if I was a novice, sorry to say I would have misunderstood your explanation.

As you say, there is no config for the console line, but the only password to think about at that point would be the password to get into privileged mode. I think that's better than saying the "enable password". I know you qualify that by saying about the over-ride, but to avoid confusion, I would say:

"Since there is no config for the Console line, the only password required would be that to get into privileged mode. Both enable password and enable secret have been set, but as the enable secret takes priority, the only password to think about would be the enable secret.

Please don't take this as personal criticism - just my opinion and the way I read your answer. Perhaps it's just the sun melting my brain (28 degrees in the UK and we aren't used to it)

bbarrick

Shoot, 28 C is about 84 F? That's the low at night here. We are having a nice day at 90 F today. Could be 100+ for 30 days straight like last year though.

NetworkVeteran

A few years ago I thought 80 was divine and 95 was frying. Now I think 65 is divine and 80 is frying!

It all depends what you're used to, and humidity plays a roll, too.

bbarrick

Your right, humidity, wind and shade can make a lot of difference.

pamccabe

Sometimes, instead of breaking down the recyclables on garbage day, I use karate. I can't claim to know karate, but the garbage men don't notice.

colby_ar

Not trying to disclose anything about the exam... but I am pretty sure that I had this exact question and answers on my ICND1 exam the other day.

**** much?

shellee1983

colby_ar wrote: »

Not trying to disclose anything about the exam... but I am pretty sure that I had this exact question and answers on my ICND1 exam the other day.

**** much?

I'm fairly sure that I had this question on the exam as well...three weeks ago. I don't know if I would consider this cheating if the person is asking for help to understand this. My advice to the OP is to research the difference between passwords and to actually read the questions as the exams are rather detailed. A lot (I failed this exam 1st try) of the questions have little details that help you answer the questions if you actually know what you are talking about, otherwise they throw in a lot of extra details that throw you off. Be careful when asking these types of questions as they do disqualify you for asking questions about questions on the exam as per the non disclosure agreement.

Souljacker

shellee1983 wrote: »

I'm fairly sure that I had this question on the exam as well...three weeks ago. I don't know if I would consider this cheating if the person is asking for help to understand this. My advice to the OP is to research the difference between passwords and to actually read the questions as the exams are rather detailed. A lot (I failed this exam 1st try) of the questions have little details that help you answer the questions if you actually know what you are talking about, otherwise they throw in a lot of extra details that throw you off. Be careful when asking these types of questions as they do disqualify you for asking questions about questions on the exam as per the non disclosure agreement.

It may not be cheating to ask for help, but it definitely breaks NDA if he is posting about something he got on the actual test. It looks strangely familiar to me as well.

Carpe Porcus

NetworkVeteran wrote: »

Sure! Here's the IOS command reference--

Cisco IOS Security Command Reference - Cisco Systems

Look-up what each of the three commands do. Then, make your best guess and explain why you chose that answer and not the others. We'd then be in a good position to clear-up any misunderstandings!

Very helpful.

Try this instead:

Cisco IOS Security Configuration Guide, Release 12.2 - Configuring Passwords and Privileges  [Cisco IOS Software Releases 12.2 Mainline] - Cisco Systems

Ismaeljrp

This is very very basic. You shouldn't even be tackling questions without proper study first. CLI experience is a must.

Souljacker

Ismaeljrp wrote: »

This is very very basic. You shouldn't even be tackling questions without proper study first. CLI experience is a must.

It's basic, but it's also trick. There is a lot of information designed to distract the reader of this particular question. It's important to thoroughly read every question and think about what they are asking. Strip out the extraneous information (and the confusing mix of bad passwords) and dissect in your head the actual meaning. Just because a question is long doesn't necessarily mean it's complex.

I'm not a big fan of ambiguous or trick questions because they don't test knowledge, they test your test-taking ability.

shellee1983

Souljacker wrote: »

It's basic, but it's also trick. There is a lot of information designed to distract the reader of this particular question. It's important to thoroughly read every question and think about what they are asking. Strip out the extraneous information (and the confusing mix of bad passwords) and dissect in your head the actual meaning. Just because a question is long doesn't necessarily mean it's complex.

I'm not a big fan of ambiguous or trick questions because they don't test knowledge, they test your test-taking ability.

I agree, the last time I took the test there were 3 occassions that I read the question and answered, clicked next and as I'm re-reading the question due to lag I was like "doh" that was so wrong. I know better now. You must read the questions in detail they are sneaky little buggers. Like this question if you don't read it closely you will choose the wrong answer.

iamme4eva

Souljacker wrote: »

It's basic, but it's also trick.

I disagree. It's not a trick question at all. It's a question to test your understanding of how the password and secret settings interact with each other in a device. And also to check that you understand the implications of putting a password on a vty line vs a console line.

NetworkVeteran

iamme4eva wrote: »

I disagree. It's not a trick question at all. It's a question to test your understanding of how the password and secret settings interact with each other in a device. And also to check that you understand the implications of putting a password on a vty line vs a console line.

That is exactly how I see it as well. Plus, you do not always add the configurations you must work with.