ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-401 All Questions

View all questions & answers for the 350-401 exam
Go to Exam

Exam 350-401 topic 1 question 265 discussion

Actual exam question from Cisco's 350-401
Question #: 265
Topic #: 1
[All 350-401 Questions]

What is the difference between the enable password and the enable secret password when service password encryption is enabled on an IOS device?

  • A. The enable secret password is protected via stronger cryptography mechanisms.
  • B. The enable password cannot be decrypted.
  • C. The enable password is encrypted with a stronger encryption method.
  • D. There is no difference and both passwords are encrypted identically.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by skh at Nov. 19, 2020, 8:36 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
YTAKE
Highly Voted 3 years ago
Interesting: even the exam confuses encryption vs hashing(authentication): enable secret: uses hashing ( you can not retrieve the original message if you are using hashing unlike encryption which you can regardless of how strong the encryption is) service password: uses encryption(very weak encryption indeed) just for people who do not know what hashing and encryption are)
upvoted 9 times
...
skh
Highly Voted 3 years, 11 months ago
The “enable secret” password is always encrypted (independent of the “service passwordencryption” command) using MD5 hash algorithm. The “enable password” does not encrypt the password and can be view in clear text in the running-config. In order to encrypt the “enable password”, use the “service password-encryption” command. This command will encrypt the passwords by using the Vigenere encryption algorithm. Unfortunately, the Vigenere encryption method is cryptographically weak and trivial to reverse. The MD5 hash is a stronger algorithm than Vigenere so answer ‘The enable secret password is protected via stronger cryptography mechanisms’ is correct.
upvoted 8 times
...
matass_md
Most Recent 1 month, 4 weeks ago
Selected Answer: A
enable password 7 094F471A1A0A -enable password + service password-encryption enable secret 5 $1$pB3B$l2M0NXvqrv7AJa5Ix33Hy/ > enable secret
upvoted 1 times
...
[Removed]
5 months ago
Selected Answer: A
A is correct
upvoted 1 times
...
ihateciscoreally
1 year, 2 months ago
B is also correct answer. it cannot be decrypted because it is not even encrypted. but this is not answer they are looking for.
upvoted 1 times
...
flash007
1 year, 2 months ago
enable secret password is encrypted with MD5
upvoted 2 times
...
flash007
1 year, 3 months ago
the enable secret password is encrypted with stronger protection
upvoted 1 times
...
H3kerman
2 years ago
Selected Answer: A
Enable password - type 7: Uses a simple alphabetical substitution Vigenere cipher with a hardcoded publicly known key. It can be reversed immediately into plaintext by using tools on the Internet. The passwords are stored as encoded strings within the configuration file. Consider them obfuscated, instead of encrypted Enable secret - type 5: Introduced around 1992. It uses a very simple Message-Digest 5 (MD5) hashing algorithm - 1,000 iterations of MD5 with a 32-bit salt. The MD5 algorithm is not NIST approved. Type 5 passwords are relatively easy to brute force with modern computers and tools available on the Internet that make it possible to find collisions for MD5 hashes. The passwords are stored as hashes within the configuration file.
upvoted 1 times
...
[Removed]
3 years, 5 months ago
The given answer is correct
upvoted 1 times
...
davdtech
3 years, 7 months ago
The enable secret password uses type 5 encryption which is uncracable. The service password encryption uses type 7 which can be decrypted
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago