New CCNA – IOS Questions
Note: If you are not sure about Cisco IOS, please read our Cisco Router Boot Sequence Tutorial and Cisco Command Line Interface CLI.
Question 1
Which command encrypts all plaintext passwords?
A. Router# service password-encryption
B. Router(config)# password-encryption
C. Router(config)# service password-encryption
D. Router# password-encryption
Answer: C
Question 2
What can be done to secure the virtual terminal interfaces on a router? (Choose two)
A. Administratively shut down the interface.
B. Physically secure the interface.
C. Create an access list and apply it to the virtual terminal interfaces with the access-group command.
D. Configure a virtual terminal password and login process.
E. Enter an access list and apply it to the virtual terminal interfaces using the access-class command.
Answer: D E
Explanation
It is a waste to administratively shut down the interface. Moreover, someone can still access the virtual terminal interfaces via other interfaces -> A is not correct.
We can not physically secure a virtual interface because it is “virtual” -> B is not correct.
To apply an access list to a virtual terminal interface we must use the “access-class” command. The “access-group” command is only used to apply an access list to a physical interface -> C is not correct; E is correct.
The most simple way to secure the virtual terminal interface is to configure a username & password to prevent unauthorized login -> D is correct.
Question 3
Refer to the exhibit. Why is flash memory erased prior to upgrading the IOS image from the TFTP server?
|
Router# copy tftp flash verifying checksum… OK (0x7BF3) |
A. The router cannot verify that the Cisco IOS image currently in flash is valid
B. Flash memory on Cisco routers can contain only a single IOS image.
C. Erasing current flash content is requested during the copy dialog.
D. In order for the router to use the new image as the default, it must be the only IOS image in flash.
Answer: C
Explanation
During the copy process, the router asked “Erasing flash before copying? [confirm]” and the administrator confirmed (by pressing Enter) so the flash was deleted.
Note: In this case, the flash has enough space to copy a new IOS without deleting the current one. The current IOS is deleted just because the administrator wants to do so. If the flash does not have enough space you will see an error message like this:
| %Error copying tftp://192.168.2.167/ c1600-k8sy-mz.l23-16a.bin (Not enough space on device) |
Question 4
How does using the service password encryption command on a router provide additional security?
A. by encrypting all passwords passing through the router
B. by encrypting passwords in the plain text configuration file
C. by requiring entry of encrypted passwords for access to the device
D. by configuring an MD5 encrypted key to be used by routing protocols to validate routing exchanges
E. by automatically suggesting encrypted passwords for use in configuring the router
Answer: B
Explanation
By using this command, all the (current and future) passwords are encrypted. This command is primarily useful for keeping unauthorized individuals from viewing your password in your configuration file.
Question 5
What is a global command?
A. a command that is available in every release of IOS, regardless of the version or deployment status
B. a command that can be entered in any configuration mode
C. a command that is universal in application and supports all protocols
D. a command that is implemented in all foreign and domestic IOS versions
E. a command that is set once and affects the entire router
Answer: E
Explanation
A global command is a command in this form:
Device(config)#
This mode can affect the entire router/switch.
For more information about modes in Cisco devices, please read my Cisco Command Line Interface CLI tutorial.
Question 6
Refer to the exhibit.
| line vty 0 4 password 7 030752180599 login transport input ssh |
What is the effect of the configuration that is shown?
A. It configures SSH globally for all logins.
B. It tells the router or switch to try to establish an SSh connection first and if that foils to use Telnet.
C. It configures the virtual terminal lines with the password 030752180500.
D. It configures a Cisco network device to use the SSH protocol on incoming communications via the virtual terminal ports.
E. It allows seven failed login attempts before the VTY lines are temporarily shutdown.
Answer: D
Question 7
Which router IOS commands can be used to troubleshoot LAN connectivity problems? (Choose three)
A. ping
B. tracert
C. ipconfig
D. show ip route
E. winipcfg
F. show interfaces
Answer: A D F
Explanation
The ping command can be used to test if the local device can reach a specific destination -> A is correct.
“tracert” is not a valid command in Cisco IOS commands, the correct command should be “traceroute” -> B is not correct.
The ipconfig command is not a valid command in Cisco IOS too -> C is not correct.
The “show ip route” command can be used to view the routing table of the router. It is a very useful command to find out many connectivity problems (like directly connected networks, learned network via routing protocols…) -> D is correct.
“winipcfg” is an old tool in Windows 95/98 to view IP settings of the installed network interfaces. But it is not a valid command in Cisco IOS commands -> E is not correct.
The “show interfaces” command is used to check all the interfaces on the local device only. It has very limited information to trouble LAN connectivity problem but it is the most reasonable to choose -> F is acceptable.
Question 8
Which command shows your active Telnet connections?
A. show sessions
B. show cdp neighbors
C. show users
D. show queue
Answer: A
Question 9
Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices?
A. enable cdp
B. cdp enable
C. cdp run
D. run cdp
Answer: C
Question 10
A network administrator needs to allow only one Telnet connection to a router. For anyone viewing the confguration and issuing the show run command, the password for Telnet access should be encrypted. Which set of commands will accomplish this task?
A. service password-encryption
access-list 1 permit 192.168.1.0 0.0.0.255
line vty 0 4
login
password cisco
access-class 1
B. enable password secret
line vty 0
login
password cisco
C. service password-encryption
line vty 1
login
password cisco
D. service password-encryption
line vty 0 4
login
password cisco
Answer: C
Question 11
What is the effect of using the service password-encryption command?
A. Only passwords configured after the command has been entered will be encrypted.
B. Only the enable password will be encrypted.
C. Only the enable secret password will be encrypted
D. It will encrypt the secret password and remove the enable secret password from the configuration.
E. It will encrypt all current and future passwords.
Answer: E
Explanation
The secret password (configured by the command “enable secret “) is always encrypted even if the “service password-encryption” command is not used. Moreover, the secret password is not removed from the configuration with this command, we still see it in encrypted form in the running-config -> D is not correct.
The “enable password ” does not encrypt the password and can be viewed in clear text in the running-config. By using the “service password-encryption” command, that password is encrypted (both current and future passwords) -> A is not correct, E is correct.
Answer B – Only the enable password will be encrypted seems to be correct but it implies the secret password will not be encrypted and stay in clear text, which is not correct.
For your information, the secret password is encrypted with MD5 one-way hash algorithm which is harder to break than the encryption algorithm used by the “service password-encryption” command.
PLEASE SEND ME THE NEW DUMPS FOR EXAM MY MAIL : HATEM.ODAI@YAHOO.COM
PLEASE I WILL MAKE THE EXAM THIS WEEK
send the dumps pl coming saturday i hve exam …. email id : khalid_altavista@yahoo.com
please can anybody send me the latest ccna dumps to ekmsb@yahoo.com
please anybody can share me the latest ccna dumps to myerserenio@yahoo.com tnx!
Can you send me latest ccna dumps to panpras@gmail.com. Thanks in advance
please can anybody send me the latest ccna dumps to wendel.arcosy@gmail.com
hi, I have schedule my CCNA exam on monday 14. could you send me dump?
supercedro@hotmail.com
Thanks OXOXOXOXOX
I have scheduled my CCNA exam on monday 25. COuld u please send me the dumps?
Abhishek.Anand.92@outlook.com
Thank you!
hi could you send me dump please? molano.jams@gmail.com
q4 – 9 in my exam yesterday
Hi Any 1 please please send me a Latest Updated CCNA Dump On my emaid ID
arsalanjamali20@gmail.com
Question 8 was in the exam recently.
I have scheduled my CCNA exam on monday 28. COuld u please send me the dumps?
I have scheduled my CCNA exam on monday 28. COuld u please send me the dumps?
email – sushilbkolekar@gmail.com
Could anyone send me the latest dump please?
Esther20130922@gmail.com
one of the best sites is 9tut great thanks 4 u
but I wish more question
one thing else
you can make the answer with white color to not appeared and we can see it by selecting
Could anyone send me the latest dump please? email-mail2ashu.ashima@gmail.com
Hi… Please send me the latest dumps for CCNA 200-120 to email rloc105@gmail.com
Could anyone send me the latest dump please?
raikone14@gmail.com
Thank you.
Hi… Please send me the latest dumps for CCNA 200-120 to email ian_docil@yahoo.com. thanks
I subscribe to hero_mind:
“one thing else
you can make the answer with white color to not appeared and we can see it by selecting”
PLEASE!!!
To day I passed the exam. I got 1000 marks for it. Thanks 9tute
Question 10 is sort of wrong (or the answer has a typo).
The “line vty 1″ command skips “line vty 0″ which is the vty used for initial connections.
If a client attempts to connect it will fail on vty 0 since there is no password set.
However: If another client attempts to connect at the same time, the TCP connection to vty 0 is busy, so the router uses the next terminal available (vty 1) – which works.
Am I making any sense? :)
Thanks for the post!
Keep Writing :)
Passed Marks: 975, 99.8% from 9tut no need to exert effort for latest dumps. Labs EIGRP, ACL Sim 1 & 2, practice all modifications coz it was given on random. 9tut is enough to pass the exam. GoodLuck. .
All the questions here are the same “exact” questions on the test?
Hi great blog,
Thanks for all the posting help a lot.
please anyone can help and send the latest dumps for ccna 200-120 to my email :
technicool@gmail.com
thanking you in advance
:-)
Hi @ all,
please send me the latest dumps for ccna 200-120 to my email: chriseight@online.de THX!
GOOD LUCK to me am about to take the coming friday 29th,August!
any one who has a reliable info or advice please share me.
has anyone heard about changing the exam next month???Is that true??please tell me because I intend to take the exam next week…
send me the latest dumps on dalglishfernandes@ymail.com
No changes that was sept 2013
thankx for this helpfull i will passis my exam this month inchallah
Just passed my CCNA ,as most questions are from this site i strongly recommend you to briefly understand all the questions here in 9tut.
moreover if you need the latest dumps email me via geze2498@gmail.com
Wish You All the bEst!
Hi People!!!!I am taking the CCNA exams in next couple of days in this month, can anyone send me the latest CCNA dumps please? I am little frustrated because I heard that the exams will be very hard. Please send in the dumps to this email address surohithsurendran@hotmail.com.
Dear All
Regarding all CISCO exams CCNA CCNA Security CCNP (Route Switch Tshoot) updated valid dumps & Exam discount vouchers available globally.
1. CCNA 200-120 60 % discounted vouchers
2. CCNP (Route Switch TShoot) 25 % discounted Vouchers
3. CCNA Security 640-554 60 % discounted Vouchers
Ask any kind of technical and exam related questions from our CCIE experts.
Feel Free to Contact
Email Contact:dheprofessionals@gmail.com
Skype Id:net.rideplay
Thanks
Best Regard
Admin
Just passed my CCNA with 958. Question 1 & 7 present. Thanks to 9tut. Can someone try to put a blog in this site where we can just upload dumps free for every body to download without emailing people. If u need latest dumps, just email me to kolledm@yahoo.com
Q2 & Q3 in 5th Sep 2014 exam
Passed CCNA on 5th September with 986. ACL1, ACL2(MOD.3) and Eigrp labs. All the question were from 9tut and Watson, thanks 9tut. Keep up the good work you are doing by providing study material.
Q1, was in exam
Sorry not Q1 it was Q7
Can you send me latest ccna dumps to nasera694@gmail.com
Humbly requesting the latest CCNA dumps to datsmyaggro@yahoo.com
Can you send me latest ccna dumps to email :oeurn.chan@gmail.com
Dear All
Regarding all CISCO exams CCNA CCNA Security CCNP (Route Switch Tshoot) updated valid dumps & Exam discount vouchers available globally.
1. CCNA 200-120 60 % discounted vouchers
2. CCNP (Route Switch TShoot) 25 % discounted Vouchers
3. CCNA Security 640-554 60 % discounted Vouchers
Ask any kind of technical and exam related questions from our CCIE experts.
Feel Free to Contact
Email Contact:dheprofessionals@gmail.com
Skype Id:net.rideplay
Thanks
Best Regard
Admins
Hello Guys I hope you will be fine there.Now New CCNA (200-120) and CCNA security (640-554) Vouchers on special discount of 58% for World wide, with six months expiry date till you purchase. Each voucher cost 70USD.
Details Required For CCNA Voucher For Discount Processing:
1-Full Name. 1st Name & Last Name (as you want to appear on certificate & documents)
2-Country.
3-City.
4-State.
5-Pin Code (or Area Code)
6-Residential Address (or where you can collect your Certificate or further correspondence
can be received)
7-Date of birth
Add me on Skype through this information which is written below:
Skype Name: rockon660
you can also email me at this email address which is written below:
madeelqaiser@gmail.com
If you have any Questions feel free to contact me.
Thanks,
Best regards,
Adeel
Dear All
Regarding all CISCO exams CCNA CCNA Security CCNP (Route Switch Tshoot) updated valid dumps & Exam discount vouchers available globally.
1. CCNA 200-120 60 % discounted vouchers
2. CCNP (Route Switch TShoot) 25 % discounted Vouchers
3. CCNA Security 640-554 60 % discounted Vouchers
Ask any kind of technical and exam related questions from our CCIE experts.
Feel Free to Contact
Email Contact:dheprofessionals@gmail.com
Skype Id:net.rideplay
Thanks
Best Regard
Admins
PLEASE SEND ME THE NEW DUMPS FOR EXAM MY MAIL dforbes241@gmail.com
Hi great blog,
Thanks for all the posting help a lot.
please anyone can help and send the latest dumps for ccna 200-120 to my email :
crypterdk@gmail.com
thanking you in advance
:-)
Can somebody tell me why in q3 answer is not D? I think that C is not correct because erasing current flash content was not requested but optional.
John
August 7th, 2014
Question 10 is sort of wrong (or the answer has a typo).
The “line vty 1″ command skips “line vty 0″ which is the vty used for initial connections.
If a client attempts to connect it will fail on vty 0 since there is no password set.
However: If another client attempts to connect at the same time, the TCP connection to vty 0 is busy, so the router uses the next terminal available (vty 1) – which works.
Am I making any sense? :)
Nobody has answered to John’s question. Is he right?