Device Security

Question 1

What is the command for exec timeout?

Answer 1

exec-timeout 15 (15 minutes)

Question 2

What is the command to enable password on privileged exec mode

Answer 2

enable password <password></password>

Question 3

What is one major problem with the enable password command

Answer 3

It is in plain text in the running configuration

Question 4

What command is should be used instead of enable password

Answer 4

enable secret

Question 5

Line level passwords (telnet & enable) can also be viewed in plain text, what command should we use instead?

Answer 5

service-password-encryption

Question 6

What are 3 levels of privilege

Answer 6

Zero - least
User 1 - very limited, read-only access
Privilege (level 15) - God-level access

Question 7

If you don’t put a privilege level for a user, what level are they

Answer 7

1

Question 8

When you set a secret password, what privilege level are you putting it for by default?

Answer 8

15

Question 9

How does SSH encrypt traffic?

Answer 9

Uses digital certificates with key length at lease 768 bits

Question 10

What is the command for SSH Access?

Answer 10

> ssh -l (lima) username IP address

Question 11

What does Cisco use as its AAA server?

Answer 11

Identity Services Engine (ISE)

Question 12

What’s the first command to use when configuring RADUIS or TACAS Server

Answer 12

R1(config) # aaa new-model

Question 13

What is the command to group RADUIS servers

Answer 13

R1 (config)# aaa group server RADIUS <name>
R1(config-sg-radius) # server name <name>
R1(config-sg-radius) # server name <name2></name2></name></name>

Question 14

How do you enable AAA authentication?

Answer 14

R1(config)# aaa authentication login default group <name> local</name>

Question 15

How do you configure a radius sever?

Answer 15

R1(config)# radius server <name>
R1(config-radius-server)# address ipv4 X.X.X.X
R1(config-radius-server)# key <name></name></name>