ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-501 All Questions

View all questions & answers for the 350-501 exam
Go to Exam

Exam 350-501 topic 1 question 37 discussion

Actual exam question from Cisco's 350-501
Question #: 37
Topic #: 1
[All 350-501 Questions]


Refer to the exhibit. An engineer has started to configure a router for secure remote access as shown. All users who require network access need to be authenticated by the SSH protocol. Which two actions must the engineer implement to complete the SSH configuration? (Choose two.)

  • A. Configure an IP domain name.
  • B. Configure ACL 100 to permit access to port 22.
  • C. Configure a password under the vty lines.
  • D. Configure crypto keys.
  • E. Configure service password encryption.
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by mabrinaldi at Oct. 31, 2021, 6:29 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
uncheck428
6 months, 4 weeks ago
Selected Answer: AD
B: I assume the access-list 100 does not exist yet, hence all traffic should accepted. C: login local is configures, so authentication is based on AAA/local users and not a password under line vty. E: Only ensures, the passwords of type 7 are "encrypted" in the configuration. So I assume A and D is correct, even though this I also 100% correct in my opinion. SSH key can be configured with a label, so the domain name is not needed. crypto key generate rsa modulus 2048 label SSH_KEY
upvoted 1 times
...
xhz502
1 year, 11 months ago
should be A and D
upvoted 1 times
...
EdgardoAC
3 years, 4 months ago
Selected Answer: AD
There are four steps required to enable SSH support on a Cisco IOS router: Configure the hostname command. Configure the DNS domain. Generate the SSH key to be used. Enable SSH transport support for the virtual type terminal (vtys). https://www.cisco.com/c/en/us/support/docs/security-vpn/secure-shell-ssh/4145-ssh.html
upvoted 2 times
...
sherlock0
3 years, 5 months ago
To enable SSH you need to configure IP domain name + generate crypto keys So A & D are correct in my choice. B is wrong because you do not need an ACL to enable port 22 for SSH C is wrong because when you have login local you do no need a pass under VTY and E is totally out of the scope of the question it is another thing
upvoted 4 times
...
Cprest
3 years, 5 months ago
A and D, are correct!
upvoted 1 times
...
mabrinaldi
3 years, 6 months ago
I think it should be A and D. if you don`t have an ip domain-name you cannot connect using ssh.
upvoted 2 times
jefranca
3 years, 6 months ago
I guess is B and D, coz you can access via ssh without "ip domain-name"
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago