Edge Router Security Approaches Quiz
27 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which encryption type is recommended for configuring secret passwords on Cisco devices?

  • SHA type 8
  • md5 algorithm-type
  • PBKDF2 with SHA-256 hashing
  • Type 9 scrypt encryption (correct)
  • What hashing algorithm does type 8 encryption on Cisco devices use?

  • scrypt
  • SHA-1
  • MD5
  • SHA-256 (correct)
  • What is the purpose of using the 'username name algorithm-type' command in Cisco device configurations?

  • Generating SSH keys
  • Specifying encryption type for passwords (correct)
  • Configuring unique device hostname
  • Selecting IP domain name
  • Which step is not part of configuring a Cisco device to support SSH from the given list?

    <p>Install SSH software</p> Signup and view all the answers

    What does the 'enable secret' command do in Cisco device configurations?

    <p>Configures secret passwords with encryption</p> Signup and view all the answers

    What is the purpose of an edge router in a company's network?

    <p>To implement security actions based on company security policies</p> Signup and view all the answers

    What should be avoided when creating passphrases?

    <p>Changing passwords often</p> Signup and view all the answers

    In what scenario is the Defense-in-Depth approach to edge router security used?

    <p>When using multiple layers of security before traffic enters the LAN</p> Signup and view all the answers

    What makes a password weak?

    <p>Writing passwords down in obvious places</p> Signup and view all the answers

    Which of the following is a strong password?

    <p>12^h u4@1p7%G_3</p> Signup and view all the answers

    Why is it important to maintain physical security in router configuration?

    <p>To place routers in secure locked rooms accessible only to authorized personnel</p> Signup and view all the answers

    What is the primary function of a UPS or diesel backup power generator in router security?

    <p>To ensure routers have power during outages for continued operation</p> Signup and view all the answers

    How can strong passwords be more useful?

    <p>When used with multi-factor authentication</p> Signup and view all the answers

    What is the best practice for managing passwords?

    <p>Encrypting passwords</p> Signup and view all the answers

    How does the DMZ setup provide additional security in a network?

    <p>By setting up a separate zone for servers accessible from the internet</p> Signup and view all the answers

    Why is it recommended to use the latest stable version of OS that meets router specifications?

    <p>To benefit from the latest features and security updates</p> Signup and view all the answers

    What action should be taken to help ensure passwords remain secret on network devices?

    <p>Encrypting all plaintext passwords</p> Signup and view all the answers

    What command is used to encrypt all plaintext passwords on a Cisco router?

    <p>service password-encryption</p> Signup and view all the answers

    What does the command 'service password-encryption' do on a Cisco router?

    <p>Applies weak encryption to passwords</p> Signup and view all the answers

    Why should 'service password-encryption' not be used with the intention of protecting config files from serious attacks?

    <p>It provides easily reversible encryption</p> Signup and view all the answers

    What information is revealed by the command 'show running-config' in Cisco devices?

    <p>Plaintext passwords</p> Signup and view all the answers

    What are the potential consequences of protocol spoofing in routing systems?

    <p>Creating routing loops, monitoring traffic, discarding traffic</p> Signup and view all the answers

    Why is MD5 authentication now considered vulnerable for OSPF routing protocol?

    <p>It is susceptible to attacks</p> Signup and view all the answers

    In which Cisco IOS release was support added for OSPF SHA authentication?

    <p>15.4(1)T</p> Signup and view all the answers

    What is the purpose of using OSPF SHA authentication instead of MD5?

    <p>Due to MD5 vulnerability to attacks</p> Signup and view all the answers

    What are the three areas of router security mentioned in the text?

    <p>Physical security, OS &amp; router hardening, secure admin access</p> Signup and view all the answers

    What feature allows devices to send log messages of chosen severity to a specific destination?

    <p>Syslog</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Browser