Home > Articles > Certification > Cisco Certification > CCIE

This chapter is from the book

Section 8.0: Advanced Security (10 points)

8.1: Password Protection (2 points)

  1. Make sure when users see the configuration of the router, all passwords are secured and not readable.

8.2: EXEC Authentication (4 points)

  1. Encrypt the enable password on R2 with a nonreversible algorithm denoted by the number 5 in the configuration.

  2. R2 should prompt for a username/password for privilege access and authenticate with the TACACS server. Do not use any AAA commands to achieve this task. In the event when the TACACS server is down, allow users to log in successfully. Do not use the tacacs-server last-resort command to achieve this task.

8.3: Access Control (4 points)

  1. Configure such that a username testconfig with password testconfig is able to see the current configuration of R3 from anywhere on the network without having login access to the router.

  2. Configure R5 vty line so that only loopback2 of R3 is able to Telnet.

  • + Share This
  • 🔖 Save To Your Account