ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-301 All Questions

View all questions & answers for the 200-301 exam
Go to Exam

Exam 200-301 topic 1 question 626 discussion

Actual exam question from Cisco's 200-301
Question #: 626
Topic #: 1
[All 200-301 Questions]

The service password-encryption command is entered on a router. What is the effect of this configuration?

  • A. restricts unauthorized users from viewing clear-text passwords in the running configuration
  • B. prevents network administrators from configuring clear-text passwords
  • C. protects the VLAN database from unauthorized PC connections on the switch
  • D. encrypts the password exchange when a VPN tunnel is established
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by sovafal192 at Jan. 24, 2022, 5:32 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Joshua25
6 months, 1 week ago
Selected Answer: B
A is not the best answer because it says UNAUTHORISED user. Once the command is executed, passwords are encrypted in the running config file. No user can view the clear text passwords anymore, unless you decrypt them. It's not only restricting unauthorised users. B is correct because plain passwords entered by administrators are converted to encrypted format. Administors cannot set clear text passwords anymore.
upvoted 1 times
...
[Removed]
1 year, 1 month ago
Selected Answer: A
A is correct
upvoted 1 times
...
dropspablo
1 year, 8 months ago
Answer A is correct. From what I understand, the letter "B" seems right, but it is "wrong", because even using the "service password-encryption" command, the "enable password" or "username password" settings are configured in "clear text", but only in shown in the running-config with an encryption weak (type 7). The main purpose of the "service password-encryption" command is to prevent passwords from being displayed in plain text in the device configuration, protecting them from casual viewing (by an unauthorized user).
upvoted 1 times
...
RODCCN
1 year, 9 months ago
Selected Answer: A
All passwords configured on an IOS device, with the exception of the passwords configured with enable secret password, are stored in clear-text in the device configuration file. This means that all that attacker needs to do to find out the passwords is to run the show running-config command. LINK: https://geek-university.com/service-password-encryption-command/
upvoted 1 times
PaddyInNZ
1 year, 5 months ago
Also the local database command: username <name> [algorithm-type <type>][ privilege <level>] secret <plaintext password> will encrypt/obfuscate the password too.
upvoted 1 times
...
...
krzysiew
2 years ago
i think the answar is B
upvoted 2 times
...
sovafal192
3 years, 3 months ago
Selected Answer: A
I was flapping between A and B but, this cleared for me: "If the service password-encryption command is set, the encrypted form of the password you create is displayed when the more nvram:startup-config command is entered. "
upvoted 2 times
Murphy2022
2 years, 6 months ago
the service does only encrypt existing passwords therefor the admin is still able to configure unencrypted password
upvoted 1 times
dropspablo
1 year, 8 months ago
I tested it on Packet Tracert and with the "service password-encryption" command enabled, the passwords in "clear-text" will be encrypted, both the current ones and those configured afterwards. But answer A is correct.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago