Cisco CCNA mock exam questions sample test – Question 321

.You have been asked to examine the following output to identify any security problems with the router. Its configuration is shown:
What problems exist? (Choose all that apply.)

A. unencrypted privileged mode password
B. inappropriate wording in the banner message
C. weak password on the VTY line
D. Telnet users will not be prompted for a password

Correct Answer: BD

Explanation:
The banner logon message should not contain verbiage that includes the word Welcome. This could potentially supply grounds by a hacker that he was “invited” to access the device.
Also, although a strong password has been configured on the VTY lines, the presence of the no login command instructs the router to NOT prompt for a password.
The login command should be executed under the VTY configuration so that the router will prompt for the password.
The privileged mode password is encrypted because it is listed as an enable secret password.
The password configured on the VTY lines, Cisc0$ell$, is strong in that it contains numbers, letters, and non-numeric characters and it is at least 8 characters in length.
Objective:
Infrastructure Security
Sub-Objective:
Configure, verify, and troubleshoot basic device hardening
References:
Cisco IOS Configuration Fundamentals Command Reference, Release 12.2 > Part 1: Cisco IOS User Interfaces Commands > Connection, Menu, and System Banner Commands >
banner login