Options
Regarding password
workfrom925
Member Posts: 196
in CCNA & CCENT
I came across this question.
Which of the following is true regarding passwords on a Cisco Router and/or Switch?
a. You can decrypt passwords using the “no service encryption” command.
b. The password “cisco” is all you’ll ever need.
c. Type 5 Passwords are uncrackable.
d. Type 7 passwords are uncrackable.
I think none of them is correct.
A. "no service encryption' is not a correct command. It can't be entered.
B is obviously wrong.
C and D are wrong because nothing can't be uncrackable with enough time.
What do you think?
Which of the following is true regarding passwords on a Cisco Router and/or Switch?
a. You can decrypt passwords using the “no service encryption” command.
b. The password “cisco” is all you’ll ever need.
c. Type 5 Passwords are uncrackable.
d. Type 7 passwords are uncrackable.
I think none of them is correct.
A. "no service encryption' is not a correct command. It can't be entered.
B is obviously wrong.
C and D are wrong because nothing can't be uncrackable with enough time.
What do you think?
Comments
-
Options
DCD
Member Posts: 473 ■■■■□□□□□□
workfrom925 wrote: »
A. "no service encryption' is not a correct command. It can't be entered.
What do you think?
You are incorrect. This is not the answer but the command is useable. It's over have the page down.
Cisco IOS Security Command Reference, Release 12.2 - Passwords and Privileges Commands [Cisco IOS Software Releases 12.2 Mainline] - Cisco Systems -
Optionsworkfrom925
Member Posts: 196
You are incorrect. This is not the answer but the command is useable. It's over have the page down.
Cisco IOS Security Command*Reference, Release*12.2 - Passwords and Privileges Commands* [Cisco IOS Software Releases 12.2 Mainline] - Cisco Systems
Even with correct command syntax, which is "no service password-encryption", it only keep new passwords unencrypted after the command is entered. The old encrypted password stays encrypted. That's my understanding. -
Optionsworkfrom925
Member Posts: 196
C is the correct answer , type 5 password is MD5 hash
You mean, if this question actually appears on my test, C should be the best answer? -
Optionsworkfrom925
Member Posts: 196
BTW, what's the difference between the passwords created with these two commands: "user USER secret PASS" and "enable secret PASS"?
My understanding is, the password created with "enable secret PASS" is used only when we trying to get into Exec mode (Is it called Exec mode?) While the user/password created with "user USER secret PASS" is used for telnet and PVN access to the router. Am I correct? -
Options
Zartanasaurus
Member Posts: 2,008 ■■■■■■■■■□
You're kind of overthinking this. While it's true that given enough time and processing power, an MD5 hash could be cracked, it is designed to be a 1-way encryption, as opposed to Type 7 which is not IE it's reversible. Plus, you have to pick ONE answer, and that one is the most correct.workfrom925 wrote: »You mean, if this question actually appears on my test, C should be the best answer?
The enable password is for getting into privileged exec mode, not exec mode.
You can use the username/password for other stuff, including direct access to privileged exec mode, but you're thinking along the right lines.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
OptionsNetworkVeteran
Member Posts: 2,338 ■■■■■■■■□□
I will add, to the good counsel of Zatanasaurus, that Cisco wouldn't ask this question because "uncrackable" is semi-silly. Still, answer C is obviously the best answer, and the one that should be picked during a test.
