Home > Router Questions

Router Questions

August 7th, 2017 in ROUTE 300-101 Go to comments

Question 1

Explanation

To determine which scheme has been used to encrypt a specific password, check the digit preceding the encrypted string in the configuration file. If that digit is a 7, the password has been encrypted using the weak algorithm. If the digit is a 5, the password has been hashed using the stronger MD5 algorithm.

For example, in the configuration command:

enable secret 5 $1$iUjJ$cDZ03KKGh7mHfX2RSbDqP.

The enable secret has been hashed with MD5, whereas in the command:

username jdoe password 7 07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D

The password has been encrypted using the weak reversible algorithm.

When we enter the “enable secret” command with a number after that, the IOS can specify that the password has been encrypted so it will not encrypt any more and accept that password.

In new Cisco IOS (v15+), it seems the device does not recognize “enable secret 7” command as encrypted password. We tried on Cisco IOS v15.4 and see this:

enable_secret.jpg

When we tried to enter the command “enable secret 7 07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D”, the Cisco IOS automatically change the command to “enable secret 5 $1$dLq2$qgzb4bgdsasX8dx1oHOkD.” (in the running-config file). So if you paste an “enable secret 7 …” command from an old Cisco IOS version, you cannot login any more with your password.

Note: In fact, there is an error with the answer D. As we entered the command in answer D, the router denied the encrypted password because it was not a valid encrypted secret password. That means the router also checked if the password was hashed correctly or not. But it is the best answer in this question.

enable_secret_error.jpg

Question 2

Explanation

Excessive debugs to the console port of a router can cause the router to hang. This is because the router automatically prioritizes console output ahead of other router functions. Hence if the router is processing a large debug output to the console port, it may hang. Hence, if the debug output is excessive use the vty (telnet) ports or the log buffers to obtain your debugs.

Note: By default, logging is enabled on the console port. Hence, the console port always processes debug output even if you are actually using some other port or method (such as Aux, vty or buffer) to capture the output. Hence, Cisco recommends that, under normal operating conditions, you have the no logging console command enabled at all times and use other methods to capture debugs.

To enable logging logging on your virtual terminal connection (telnet), use the “terminal monitor” command under Privileged mode (Router#)

Reference: http://www.cisco.com/c/en/us/support/docs/dial-access/integrated-services-digital-networks-isdn-channel-associated-signaling-cas/10374-debug.html

Question 3

Explanation

Per-packet load-balancing means that the router sends one packet for destination1 over the first path, the second packet for (the same) destination1 over the second path, and so on. Per-packet load balancing guarantees equal load across all links. However, there is potential that the packets may arrive out of order at the destination because differential delay may exist within the network -> Answer D is correct.

When searching the routing table, the router looks for the longest match for the destination IP address prefix. This is done at “process level” (known as process switching), which means that the lookup is considered as just another process queued among other CPU processes

Interrupt-level switching means that when a packet arrives, an interrupt is triggered which causes the CPU to postpone other tasks in order to handle that packet.

In general, process switching is faster then interrupt-level switching and can cause out-of-order packets.

Question 4

Explanation

The command “debug condition interface <interface>” command is used to disable debugging messages for all interfaces except the specified interface so in this case the debug output will be shown on Fa0/1 interface only.

Note: If in this question there was another “debug condition interface fa0/0” command configured then the answer should be C (both interfaces will show debugging ouput).

Question 5

Explanation

There are a few simple steps you can follow to ensure your VTY lines are as secure as possible. The easiest way is to enable username / password authentication. Other ways are to include an access-list to prevent unwanted IP addresses from connecting and use SSH to encrypt the traffic connecting to the device.

Question 6

Explanation

An Integrated Services Router(ISR) router can be implemented an Ethernet Switch Module to perform both IP routing and inter-VLAN routing. With this module, an ISR router will contain interface vlan configurations.

Question 7

Question 8

Comments
Comment pages
1 3 4 5 1727
  1. Anonymous
    November 10th, 2019

    Please share dump for practice (VCE file + tool player, PDF) with full question:
    s a s s y a n n _ 0 0 @ y a h o o . c o m

  2. Neda
    November 10th, 2019

    Please share me latest dump neda.ghafarzadeh@yahoo. com

  3. Ed
    November 12th, 2019

    Please, I would like to have the latest dumps and also the official Cisc Academ slide .ppt for the 300-101 routing test. Does anybody have these material! Thanks A lot!!
    edu notari @ gma il. com

  4. NAZ
    November 12th, 2019

    Hello, please someone to share with me the latest Dumps 300-101 Routing?
    Thanks a lot!
    email: ce lin a baku ba {email not allowed}

  5. Dibbs Rising
    November 12th, 2019

    Please share me the latest dump.

    info.redeocol @ gmail. com

    Thanks in advance

  6. hoot
    November 13th, 2019

    Looking for CCNP Route and Tshoot questions. Please email hootbgib @ yahoo.com

  7. Anonymous
    November 14th, 2019

    please share the latest dump {email not allowed} please

  8. Anonymous
    November 14th, 2019

    please share the latest dump at md_787 @ hot mail . com thanks

  9. Anonymous
    November 18th, 2019

    could someone share latest ? koektest123 @ gmail . com , thanks so much.

  10. sd
    November 18th, 2019

    Please share with me lthe latest dump sduser21 @gmial. com

  11. sd
    November 18th, 2019

    Please share with me the latest dump sduser21 @gmail. com

  12. RealityMan
    November 20th, 2019

    stop being pathetic you all. nobody here cares you WANT dupms. working with guys like you (with totally cheated certs) in network departments makes other engineers life miserable.

  13. Anonymous
    November 25th, 2019

    Where do you guys get the dumps for the exam?

  14. @digitaltut
    November 27th, 2019

    Comments should only be for premium members! Site is great but 90% of comments are BS!!

  15. jose
    December 1st, 2019

    Anybody know where I can study/review ccda 200-310 exam

  16. jose
    December 6th, 2019

    @RealityMan the only reason you are a so called engineer is because you are on here. You are probably the worst “engineer” ever only concerned about you. If you have nothing good to provide dont visit the site.

Comment pages
1 3 4 5 1727
  1. No trackbacks yet.