CCNA Exam: Condition Indicating Service Password-Encryption Enabled

Service Password-Encryption

Prev Question Next Question

Question

Which condition indicates that service password-encryption is enabled?

Answers

A. The local username password is in clear text in the configuration.

B. The enable secret is in clear text in the configuration.

C. The local username password is encrypted in the configuration.

D. The enable secret is encrypted in the configuration.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

The correct answer is: C. The local username password is encrypted in the configuration.

Explanation:

The "service password-encryption" command is used on Cisco IOS routers and switches to encrypt all plaintext passwords in the configuration file. When this command is enabled, all passwords (except the enable secret) are encrypted using a weak algorithm called Type 7 encryption.

Type 7 encryption is not secure and can be easily decrypted by anyone with access to the configuration file. However, it can still provide a basic level of protection against accidental exposure of passwords.

Option A: The local username password is in clear text in the configuration, which means that "service password-encryption" is not enabled.

Option B: The enable secret is always encrypted in the configuration file, regardless of whether "service password-encryption" is enabled or not.

Option D: The enable secret is encrypted in the configuration file, but this does not indicate whether "service password-encryption" is enabled or not, as it is always encrypted by default.

Therefore, the correct option is C: The local username password is encrypted in the configuration, which means that "service password-encryption" is enabled.

Prev Question Next Question