| Exam 200-301 | Question id=5482 | Security Fundamentals |
You have been asked to examine the following output to identify any security problems with the router. Its configuration is shown:
Current configuration:
!
version 11.2
!
hostname cisco
!
enable secret 5 $l$mERr$7sOdOmgRuXYhHwfWsV4QZ/
!
banner login ^C Welcome to Router 5 Authorized users only ^C
!
interface Ethernet0
ip address 10.1.1.1 255.0.0.0
!
interface Serial0
ip address 20.2.2.2 255.0.0.0
!
router rip
network 10.0.0.0
network 20.0.0.0
!
ip route 0.0.0.0 0.0.0.0 20.2.2.3
!
line vty 0 4
password Cisc0$ell$
no login
!
end
What problems exist?
| A. |
unencrypted privileged mode password | |
| B. |
inappropriate wording in the banner message | |
| C. |
weak password on the VTY line | |
| D. |
telnet users will not be prompted for a password |
The banner logon message should not contain verbiage that includes the word Welcome. This could potentially supply grounds by a hacker that he was "invited" to access the device.
Also, although a strong password has been configured on the VTY lines, the presence of the no login command instructs the router to NOT prompt for a password.
The login command should be executed under the VTY configuration so that the router will prompt for the password.
The privileged mode password is encrypted because it is listed as an enable secret password.
The password configured on the VTY lines, Cisc0$ell$, is strong in that it contains numbers, letters, and non-numeric characters and it is at least 8 characters in length.