1. You have just started work at a new facility and need to configure an old unused router. Unfortunately you cannot find the current password for the router. What router configuration mode would you need to enter to change the password?

Answer: You need to be in the ROM monitor mode to change the password.

3. What is the best way to ensure that your configuration changes are not lost if the router is rebooted?

Answer: Copy the running configuration to the startup configuration.

4. If it has not been changed using the prompt command, what will the prompt for RouterA look like in the global configuration mode?

Answer: RouterA(config)#

5. What is the difference between the end and the exit commands?

Answer: The end command returns you to the privileged EXEC mode, and the exit command returns you to the global configuration mode.

6. What command enables you to see the available commands in your current configuration mode?

7. How do you configure CBAC to implement reflexive access lists? Answer: Reflexive ACLs cannot be used with CBAC.

8. What type of cable is required to complete a telnet connection to the router via Ethernet 0/0 interface.

Answer: The connection is completed via the router's Ethernet interface. This requires that the router be connected to the network using an Ethernet cable (RJ-45).

9. What type of router management is considered to be the most secure, yet the most difficult to use for enterprise networks? (Explain your answer.)

Answer: The console connection is considered the most secure because it requires physical access to the router. It can also be the most difficult to maintain in a large enterprise network because the routers may be installed all over the world.

10. What command generates the key used for SSH on the IOS router? Answer: crypto key generate rsa [key-length]

11. What Cisco IOS firewall feature enables administrators to configure access to services on nonstandard ports?

Answer: Port-to-application mapping

12. What AAA server types can interact with the IOS firewall? Answer: TACACS+, RADIUS, Kerberos

13. How does the Cisco IOS firewall ensure that routing updates are valid? Answer: It validated the source by using peer authentication.

Was this article helpful?

0 0

Post a comment