New CCNA – IOS Questions
Note: If you are not sure about Cisco IOS, please read our Cisco Router Boot Sequence Tutorial and Cisco Command Line Interface CLI.
Question 1
Which command encrypts all plaintext passwords?
A. Router# service password-encryption
B. Router(config)# password-encryption
C. Router(config)# service password-encryption
D. Router# password-encryption
Answer: C
Question 2
What can be done to secure the virtual terminal interfaces on a router? (Choose two)
A. Administratively shut down the interface.
B. Physically secure the interface.
C. Create an access list and apply it to the virtual terminal interfaces with the access-group command.
D. Configure a virtual terminal password and login process.
E. Enter an access list and apply it to the virtual terminal interfaces using the access-class command.
Answer: D E
Explanation
It is a waste to administratively shut down the interface. Moreover, someone can still access the virtual terminal interfaces via other interfaces -> A is not correct.
We can not physically secure a virtual interface because it is “virtual” -> B is not correct.
To apply an access list to a virtual terminal interface we must use the “access-class” command. The “access-group” command is only used to apply an access list to a physical interface -> C is not correct; E is correct.
The most simple way to secure the virtual terminal interface is to configure a username & password to prevent unauthorized login -> D is correct.
Question 3
Refer to the exhibit. Why is flash memory erased prior to upgrading the IOS image from the TFTP server?
|
Router# copy tftp flash verifying checksum… OK (0x7BF3) |
A. The router cannot verify that the Cisco IOS image currently in flash is valid
B. Flash memory on Cisco routers can contain only a single IOS image.
C. Erasing current flash content is requested during the copy dialog.
D. In order for the router to use the new image as the default, it must be the only IOS image in flash.
Answer: C
Explanation
During the copy process, the router asked “Erasing flash before copying? [confirm]” and the administrator confirmed (by pressing Enter) so the flash was deleted.
Note: In this case, the flash has enough space to copy a new IOS without deleting the current one. The current IOS is deleted just because the administrator wants to do so. If the flash does not have enough space you will see an error message like this:
| %Error copying tftp://192.168.2.167/ c1600-k8sy-mz.l23-16a.bin (Not enough space on device) |
Question 4
How does using the service password encryption command on a router provide additional security?
A. by encrypting all passwords passing through the router
B. by encrypting passwords in the plain text configuration file
C. by requiring entry of encrypted passwords for access to the device
D. by configuring an MD5 encrypted key to be used by routing protocols to validate routing exchanges
E. by automatically suggesting encrypted passwords for use in configuring the router
Answer: B
Explanation
By using this command, all the (current and future) passwords are encrypted. This command is primarily useful for keeping unauthorized individuals from viewing your password in your configuration file.
Question 5
What is a global command?
A. a command that is available in every release of IOS, regardless of the version or deployment status
B. a command that can be entered in any configuration mode
C. a command that is universal in application and supports all protocols
D. a command that is implemented in all foreign and domestic IOS versions
E. a command that is set once and affects the entire router
Answer: E
Explanation
A global command is a command in this form:
Device(config)#
This mode can affect the entire router/switch.
For more information about modes in Cisco devices, please read my Cisco Command Line Interface CLI tutorial.
Question 6
Refer to the exhibit.
| line vty 0 4 password 7 030752180599 login transport input ssh |
What is the effect of the configuration that is shown?
A. It configures SSH globally for all logins.
B. It tells the router or switch to try to establish an SSh connection first and if that foils to use Telnet.
C. It configures the virtual terminal lines with the password 030752180500.
D. It configures a Cisco network device to use the SSH protocol on incoming communications via the virtual terminal ports.
E. It allows seven failed login attempts before the VTY lines are temporarily shutdown.
Answer: D
Question 7
Which router IOS commands can be used to troubleshoot LAN connectivity problems? (Choose three)
A. ping
B. tracert
C. ipconfig
D. show ip route
E. winipcfg
F. show interfaces
Answer: A D F
Explanation
The ping command can be used to test if the local device can reach a specific destination -> A is correct.
“tracert” is not a valid command in Cisco IOS commands, the correct command should be “traceroute” -> B is not correct.
The ipconfig command is not a valid command in Cisco IOS too -> C is not correct.
The “show ip route” command can be used to view the routing table of the router. It is a very useful command to find out many connectivity problems (like directly connected networks, learned network via routing protocols…) -> D is correct.
“winipcfg” is an old tool in Windows 95/98 to view IP settings of the installed network interfaces. But it is not a valid command in Cisco IOS commands -> E is not correct.
The “show interfaces” command is used to check all the interfaces on the local device only. It has very limited information to trouble LAN connectivity problem but it is the most reasonable to choose -> F is acceptable.
Question 8
Which command shows your active Telnet connections?
A. show sessions
B. show cdp neighbors
C. show users
D. show queue
Answer: A
Question 9
Which command would you configure globally on a Cisco router that would allow you to view directly connected Cisco devices?
A. enable cdp
B. cdp enable
C. cdp run
D. run cdp
Answer: C
Question 10
A network administrator needs to allow only one Telnet connection to a router. For anyone viewing the confguration and issuing the show run command, the password for Telnet access should be encrypted. Which set of commands will accomplish this task?
A. service password-encryption
access-list 1 permit 192.168.1.0 0.0.0.255
line vty 0 4
login
password cisco
access-class 1
B. enable password secret
line vty 0
login
password cisco
C. service password-encryption
line vty 1
login
password cisco
D. service password-encryption
line vty 0 4
login
password cisco
Answer: C
Question 11
What is the effect of using the service password-encryption command?
A. Only passwords configured after the command has been entered will be encrypted.
B. Only the enable password will be encrypted.
C. Only the enable secret password will be encrypted
D. It will encrypt the secret password and remove the enable secret password from the configuration.
E. It will encrypt all current and future passwords.
Answer: E
Explanation
The secret password (configured by the command “enable secret “) is always encrypted even if the “service password-encryption” command is not used. Moreover, the secret password is not removed from the configuration with this command, we still see it in encrypted form in the running-config -> D is not correct.
The “enable password ” does not encrypt the password and can be viewed in clear text in the running-config. By using the “service password-encryption” command, that password is encrypted (both current and future passwords) -> A is not correct, E is correct.
Answer B – Only the enable password will be encrypted seems to be correct but it implies the secret password will not be encrypted and stay in clear text, which is not correct.
For your information, the secret password is encrypted with MD5 one-way hash algorithm which is harder to break than the encryption algorithm used by the “service password-encryption” command.
Yes, that is correct. It should read “line vty 0″
Ques 10 Answer should be like this
service password-encryption
line vty 0
login
password cisco
Hi guys..could any of you pls send over the latest dumps which you have..Thanks in advance!!
mail-id : praveenbms0302@gmail.com
Q10
i think its ok like that
service password-encryption
line vty 1
login
password cisco
if it was (line vty 0-1) then they wld b a problem bt here its just stating that u are logging in using the second virtual terminal line thus vty 1 only.
I think Q10 is somehow wrong in the sense that you have skipped line vty 0 which deny you access in the terminal due to unsettling of password
It was supposed to be like ( line vty 0 password Cisco )which would be correct.
Hi guys!
Q4 the answer is A no B, because the commande “Service password-ecncryption” encrypte all password passing through the router. for exemple you access your router for the first time, before doing your basic configuration type the commande service password-encryption after that creat a username cedrick password cedrick.
do a sh runnning-config you will notice that your password was encrypted , due to the command you typing before. Answer A no B.
For Q10 this is the correct answer
enable password secret
line vty 0
login
password cisco
Why? ’cause if you use line vty 1, you will not be able to access the terminal due to the missing of password on line vty 0, you can’t access the second line if the first line is idle.
How can I get ccna 200-120 new dumps
Dears,
Need the ccna dump please at musfafa(@)hotmail.com
@ Cedric MEWO
good remark !
but for Q10 answer B has not service password-encryption, so the telnet password will not be encrypted.
it might be a wrong question but the correct answer to that wrong question is C that ensures the encryption of vty password and permits only one access.
cisco should modify the answer C to VTY 0
This is very tricky
i am going to appear for CCNA(200-120)exam in 1st week of december , my preparation for exam is 0%. Any one tell me (20 days are enough for passing exam ) ?
And if anyone have latest dumps than please mail me. rizwantariq_279@hotmail.com
Regards,
Q 1,2 and 4 exam on 10th Nov’14
Planning to right by end of year. can anyone PLEASE send me dumbs vanegoal20@yahoo.co.uk
hi guys,
Can anyone one send latest dumps for this mail id,,,, pls..
chethuntkl@gmail.com
Hi everyone . if you can support me by sending me the last dump at miska.miska2012@gmail.com
I will appreciate that.
Thanks 9.tut for this website
Q2, Q8 and Q9 today
Hi guys..could any of you pls send over the latest dumps which you have..Thanks in advance!!
mail-id : arunachalam1987@gmail.com
@Enzo, which sim questions were out?
Question 8
Which command shows your active Telnet connections?
A. show sessions
B. show cdp neighbors
C. show users
D. show queue
Answer is not A but C !!!!
Yannick, if you do a “show ?”, you will see the following:
sessions Information about Telnet connections
users Display information about terminal lines
I just logged in via ssh and telnet to separate switches and did a “show sessions” and get “no connections open” whether I connect via ssh or telnet. I do see my login when I do a “show users” though. So technically you’re right, but I believe for the exam, answer A is correct because of the definition provided by the IOS. Can anyone confirm that? I’ve only seen A as the correct answer on multiple sites.
I have the exam question then Josh….anyone have an answer for us ?
Regards
Josh, the answer is A as you’ve said ’cause the ‘show sessions ‘ command is run from the device you ‘re using to remotely access another device . If you have multiple connections to different hosts , ‘show sessions ‘ helps you verify them .
Tips : The ‘show users ‘ command is run from the telnetted device ….. you can catch violators by this command . :)
Q2,11 today
Question 10
1. The Answer for ( C ) is Fully Incorrect
The Question is to Allow Only One Person and we Knows that VTY port is Starting from Zero (0)
But answer C is Start From ( Line VTY 1 ) in this Case no one will allow to Login via VTY port in Router
2. We Are not able to Type ( Login ) Before to Assign Password to VTY port But in Answer C it shows that Someone Typed ( Login ) command Before Assign Password ==> that is Impossible
—————————————————-
The Right Answer Must Be :-
C. service password-encryption
line vty 0
password cisco
login
Question 11
What is the effect of using the service password-encryption command?
A. Only passwords configured after the command has been entered will be encrypted.
B. Only the enable password will be encrypted.
C. Only the enable secret password will be encrypted
D. It will encrypt the secret password and remove the enable secret password from the configuration.
E. It will encrypt all current and future passwords.
Answer: E???
i think it should be ‘A’
Mr. Saisuryaganeshn for question 11 the answer is defenately E because when the ” service password encryption” command entered all the current given and future given passwords would be encrypted and it is the behavior of this command and that is why we enter this command
Good Afternoon everyone and happy new year to all,
Please could i get the latest dumps if someone could be so kind
Shane.33896@gmail.com
Thank you
About Q10 I agree with Eugene, Cedric, Ferry, Mohammad, etc… in the sense of the example just like it is there. In my opinion it is incorrect or it is out of a real context usage’s. The use of line “1″, the doubtful “C” response and the ambiguous text of the question are tricky, almost dishonest in my opinion. I think It must be corrected by Cisco. (It is a personal opinion of course)
Hey dudes, questions, why is everyone asking for the latest dumps? Are these not it? Is there a PDF or something?
Shanny
shanny55@hotmail.com
Hi guys..could any of you pls send over the latest dumps which you have..Thanks in advance!!
mail: dysupreme.oromidayo201@gmail.com
Q 2,7,9 Today 1/12/14
i passed 200-120 986/1000. Q1 Q7 Q8 Q9 was in my exam. Please focus only 9tut. dont waste yourtime reading other site and forum.
Hi everyone, I have been studying hard. I am fairly confident, but would greatly appreciate any dumps. I am taking the CCNA in about a week. bobatemycat@yahoo.com
Q7 in my exam today. Passed
Q2 , Q3, Q9 in my exam today . Passed
Hey guy, can any of you please send me the latest dumps for 200-120… my exam will take place tomorrow 25th Jan 2015 ,,, my Email address: red_ranger1991@yahoo.com
Q7, scored 958/1000. Thanks 9Tut!
vickey_1@hotmail.com plz plz plz send latest CCNA dumps i have paper at 16 Feb. its my second attempt
Q6,7,9 today
Q2,3,9 today 7th Feb
Please can someone send the dumps at chromatic_core@yahoo.com Please Please Please Please………………
q10, dd not specify the line, and the correct set of command is what the question wants us to address.rem when u are concerned with jux one line the particular line is what u will add in d command line
Q7 on 15th Feb.
Bulli..kahan hai teri ungli?
Please send latest Q&A CCNA 200-120 dumps in PDF and VCE available. Need to pass this time.
johnmorrisonsr@gmail.com
Hey guys, I can confirm Q10
I put two 3745 routers back to back, did a quick config and tried to telnet into one router using “vty 1″ and got “password not set” and then disconnected.
Hopefully by now Cisco has corrected this provided it is even on the test, but it SHOULD read vty 0, because just changing that allowed me to Telnet into the router.
Otherwise all other parts of the answer are correct.
Hi,
Can anyone send me the latest ccna dumps? smartsoftpk@yahoo.com
q2,3,4,9,11
I confirm to Josh for Q9, answer ‘A’.
Sorry! I meant Q8.