Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Refer to the exhibit. Which two commands must be configured on router R1 to enable the router to accept secure remote-access connections? (Choose two.)
Ans is correct. Watch the below given video for the reference -
https://www.oreilly.com/content/how-do-i-configure-a-cisco-router-for-secure-remote-access-using-ssh/
ip ssh pubkey-chain
Example:
host1(config)# ip ssh pubkey-chain
Configures SSH-RSA keys for user and server authentication on the SSH server and enters public-key configuration mode.
Option B, "username cisco password 0 cisco," is incorrect because it creates a local user account with a password, but it does not enable remote access. Insead option A "ip ssh pubkey-chain" command is used to configure the SSH public key authentication method on a Cisco device. It allows users to authenticate using their public keys instead of passwords, enhancing security and convenience.
The correct answers are:
A. ip ssh pubkey-chain
C. crypto key generate rsa
These two commands are required to enable secure remote-access connections on router R1.
Option A (ip ssh pubkey-chain) enables SSH connections using public key authentication, which is a more secure method compared to password-based authentication.
Option C (crypto key generate rsa) generates an RSA key pair that is used for encryption and authentication purposes when establishing secure connections, such as SSH.
The other options are not directly related to enabling secure remote-access connections:
B. username cisco password 0 cisco - This command creates a local user account with the username "cisco" and a plaintext password. However, it does not enable secure remote-access connections.
D. transport input telnet - This command allows telnet access to the router, but telnet is not a secure protocol.
E. login console - This command enables console line authentication, but it is not specific to remote-access connections or providing security for them.
Regarding answer B, can passwords have spaces?? wouldn't the password be "0 cisco"?? Correct me if I'm wrong, but aren't spaces disallowed as a password requirement?
Spaces are allowed characters. I have had many engineers fat-fingered passwords in the past. The rule of thumb is never copy and paste a password or if you are going to do this copy and paste the password do it to notead to remove any additional characters.
This is a document by NSA, I found it really helpful:
https://media.defense.gov/2022/Feb/17/2002940795/-1/-1/1/CSI_CISCO_PASSWORD_TYPES_BEST_PRACTICES_20220217.PDF
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
mantest
Highly Voted 1 year, 6 months agoJunior_Network
Most Recent 2 months agoJunior_Network
2 months agoYinxs
3 months, 3 weeks agoVikramaditya_J
4 months, 1 week agoEallam
5 months, 1 week agoStingVN
6 months, 3 weeks agoDARKK
1 year, 6 months agoMurphy2022
1 year, 2 months agoguisam
1 year agoNetworknovice
1 year, 7 months agopicho707
1 week, 5 days agoiGlitch
1 year, 6 months agosplashy
1 year, 2 months ago