Exam 200-301 topic 1 question 663 discussion

The correct command sequence is: enable secret priv4t3p4ss line con 0 password p4ssw0rd1 login line vty 0 15 password s3cr3t2 login This will configure the password for privileged EXEC mode as "priv4t3p4ss", the user EXEC password for console access as "p4ssw0rd1", and the user EXEC password for Telnet access as "s3cr3t2". The "login" keyword is used to enable password authentication for the console and Telnet access.

Not D, we are not asked to give privilage to 15 B is correct

Tested on PT, B is correct. Privileged EXEC mode: enable secret priv4t3p4ss Console Access: line con 0 password p4ssw0rd1 login Telnet Access: line vty 0 15 password s3cr3t2 login

I want to note that when using the "login" command it should be entered as a separate command. The "login" command is disabled until a password is set. The login command is needed to enable password checking. So we must use it as the following: R1(config)# line console 0 R1(config-line)# password p4ssword1 R1(config-line)#login Which makes A is wrong (missing "login command") B is correct C is using the login command before setting the password, which is prohibited and makes it wrong D is wrong, with the enable command we use the "level" keyword but with the username+passowrd configuration we use the "privilege" keyword to set the privilege level. Which makes it also wrong.

D is wrong, The correct config: e.g.if we would like to set for privilege level 5 R1(config) # enable secret level 5 secret2 (set password for privilege level 5)

The answer is 'b'. Option ‘a’ is wrong as it doesn’t have the login command at the console and VTY lines. Option ‘c’ is wrong because the commands are incorrect. Option ‘b’ and ‘d’ are similar, except that ‘d’ has the privilege 15 added to the enable password. This option isn’t supported on the enable secret command Instead, it’s used on the username <username> privilege 15 secret <secret> command. The answer must be ‘b’. Note: When using the extra privilege 15 command, and you log in with the command login local, it allows you to enter in Privileged Exec mode and provides complete control over the router. By default, the “line level” security has a privilege level of 1 (con, aux, and vty lines), so you enter at user exec mode.

Here's the breakdown of each part: enable secret priv4t3p4ss: This command sets the privileged EXEC mode (enable) password to "priv4t3p4ss." line con 0 password p4ssw0rd1 login: This command configures the console line (console 0) with a user EXEC password "p4ssw0rd1" and enables login authentication on the console line. line vty 0 15 password s3cr3t2 login: This command configures the virtual terminal (Telnet) lines (vty 0 to 15) with a user EXEC password "s3cr3t2" and enables login authentication on the virtual terminal lines. Option B correctly configures the passwords and enables login authentication for both the console and virtual terminal lines, as specified in the requirements.

enable secret priv4t3p4ss: This command sets the password for privileged EXEC mode, also known as the enable password. The password is "priv4t3p4ss." line con 0 password p4ssw0rd1 login: This command sets the user EXEC password for console access. The password is "p4ssw0rd1." The "login" keyword ensures that the password is required when accessing the console. line vty 0 15 password s3cr3t2 login: This command sets the user EXEC password for Telnet access. The password is "s3cr3t2." The "login" keyword ensures that the password is required when accessing the router through Telnet.

B. enable secret priv4t3p4ss ! line con 0 password p4ssw0rd1 login ! line vty 0 15 password s3cr3t2 login Option B is the correct command sequence to configure the passwords for the given scenario. Here's the breakdown: "enable secret priv4t3p4ss" sets the privileged EXEC mode password. "line con 0" indicates the console line configuration. "password p4ssw0rd1" sets the password for console access. "login" enables login authentication on the console line. "line vty 0 15" indicates the virtual terminal lines configuration. "password s3cr3t2" sets the password for Telnet access. "login" enables login authentication on the virtual terminal lines. This command sequence correctly sets the specified passwords for console and Telnet access, as well as enables login authentication for both.

Router(config)#enable secret ? 0 Specifies an UNENCRYPTED password will follow 5 Specifies an ENCRYPTED secret will follow LINE The UNENCRYPTED (cleartext) 'enable' secret level Set exec level password

is B, please update answer

B,C,D's login command is messed up. The command is login local. Which are incomplete on all the options.

I go for D https://study-ccna.com/cisco-privilege-levels/

Isn't exec level of enable sec password 15 by default ?

IMHO,... no extra privilege 15 needed and for Password protection, you're allready using secret (MD5) instead of Password. To enter privileged EXEC mode, just enter the "enable" command and Password Answer D simply set the encrypted Password "privilege 15 priv4t3p4ss"

D is correct because priv 15 is the priv for exec

what's the function of the phase : "privilege 15" in the command ? I go for B too. Indeed, I don't understand ..