How does using the service password-encryption command on a router provide additional security?
Click on the arrows to vote for the correct answerA. B. C. D. E.
The correct answer to this question is B. The service password-encryption command on a router provides additional security by encrypting passwords in the plain text configuration file.
When a password is configured on a router, it is typically stored in the router's configuration file in plain text. This means that anyone with access to the configuration file can easily read the password and gain unauthorized access to the router or network.
The service password-encryption command enables the encryption of passwords in the configuration file. This means that the password is no longer stored in plain text, but instead is encrypted using a weak algorithm (type 7 encryption). While type 7 encryption is not particularly strong, it does provide some level of protection for the password.
It's important to note that the service password-encryption command does not encrypt passwords passing through the router, as stated in option A. This is a common misconception, but it's important to understand that the command only affects passwords stored in the configuration file.
Option C is incorrect because the service password-encryption command does not require the entry of encrypted passwords for access to the device. Instead, it simply encrypts the passwords that are already configured on the device.
Option D is incorrect because the command has nothing to do with configuring an MD5 encrypted key for routing protocols. While MD5 authentication can be used to provide additional security for routing exchanges, it is not related to the service password-encryption command.
Option E is also incorrect because the command does not suggest encrypted passwords for use in configuring the router. Instead, it simply encrypts passwords that are already configured on the router.
In summary, the service password-encryption command provides additional security by encrypting passwords in the plain text configuration file. This helps to prevent unauthorized access to the router or network by individuals who have access to the configuration file.