Home > Security Testlet

Security Testlet

October 20th, 2013 in ICND1, ICND1 100-101 Go to comments

Question

 

 

Security_SIM.jpg

Not sure about the requirement of this question but it is something like this:

Before this switch and router can be put to use in the network, what security risks can be found…

We are still not sure about the configurations in this sim but we got some information to share with you (updated on December-07-2011. Thanks Joe Mendola, xallax and many candidates who share the information!):

Maybe this is the configurations on Router and Switch (but notice that they are surely missing something):

ROUTER A CONFIGURATION

!
no service password-encryption
!
enable password cisco
!
username ciscouser privilege 15 password 0 cisco
!
banner motd ^CWelcome! If you encountered any problem, please consult the administrator^C
!
line vty 0 4
password 4t&34rkf
login local
transport input telnet ssh
!

 

SWITCH A CONFIGURATION

!
no service password-encryption
!
line console 0
line vty o 4
no login
transport input telnet ssh (????)
line vty 5 15 (????)
login (????)
transport input telnet ssh (????)
banner motd ^CWelcome! If you encountered any problem, please consult the administrator^C

Note: This is just what we gather and guess. In the exam the configurations may be different so make sure you understand about “enable secret”, “enable password”, “login”, “login local”, “transport input”, “line vty”, “service password-encryption”, “bannder motd”, “privilege” before taking this exam!

This sim has 4 questions:

Question 1

Identify security threats on RouterA (select 3)

A. unencrypted password set
B. unsecured message on banner
C. remote access can only be made through telnet or SSH
D. user gets level 15 automatically by default

 

Answer: A C D

Guideline to answer this question:

Because the “service password-encryption” is not set on RouterA so the password to access privileged mode (via the command “enable password cisco”) is unencrypted. Also, the password for VTY is unencrypted (notice that the password “4t&34rkf” is in fact unencrypted) -> A is correct.

Although the banner says “Welcome …” but it does not leak any security information so it is still safe -> B is not correct.

From the command “transport input telnet ssh” we learn that remote access can be mad through telnet or SSH. This is also the default setting of Cisco router -> C is correct.

In the “line vty 0 4″ configuration, the type of login is specified as “login local”. It means that the router will not use the password configured under “line vty 0 4″ (in this case “4t&34rkf”) but it will use the user & password configured in “username ciscouser privilege 15 password cisco” command. The command “username ciscouser privilege 15 password cisco” will grant the privilege of 15 for “ciscouser” user -> D is correct.

Question 2

Which two of the following are true regarding the configuration of RouterA (choose two)

A. at least 5 simultaneous remote connect are possible
B. only telnet protocol connections to Router A are supported
C. remotely connection to RouterA using telnet will succeed
D. console line connection will never time out due to inactivity
E. since DHCP is not used on Fa0/1 there is not a need to use the NAT protocol

 

Answer: A C

Guideline to answer this question:

A is correct as we can telnet from line 0 to line 4 (line vty o 4).

We can use both telnet and SSH to connect to this router (transport input telnet ssh) -> B is not correct.

C is correct as we can telnet to it.

D is not correct because by default, the timeout is set to 10 minutes on both the console and the vty ports.

E is not correct as NAT can be used even DHCP is not used.

Question 3

Select the options which are security issues which need to be modified before RouterA is used (not sure how many answers we can choose)

A. unencrypted weak password is configured to protect privilege mode
B. inappropriate wording in banner message
C. the virtual terminal lines have weak password configured
D. virtual terminal lines have a password, but it will not be used
E. configuration supports in-secure web server access

 

Answer: A D

Guideline to answer this question:

Privilege mode on RouterA is protected with unencrypted password (via “enable password” command) -> A is correct.

B is not correct as mentioned above.

The password of VTY lines is “4t&34rkf”. Although it is unencrypted but it is not a weak password because it has number & special characters inside -> C is not correct.

Although a password of “4t&34rkf” is configured but with the command “login local”, router will use the username of “ciscouser” & password of “cisco” (configured in “username ciscouser privilege 15 password 0 cisco” command) -> D is correct.

By checking the configuration of routerA with the “show run” command. To support web server access it must have the command “ip http server” but it does not -> E is not correct.

Question 4

Select three options which are security issues with the current configuration of Switch A. (Choose three)

A. privilege mode is protected with an unencrypted password
B. inappropriate wording in banner message
C. virtual terminal lines are protected only by a password requirement
D. both the username and password are weak
E. telnet connections can be used to remotely manage the switch
F. Cisco user will be granted privilege level 15 by default

 

Answer: not sure

Guideline to answer this question:

We haven’t had enough information about switch configuration so we can’t be sure about the correct answers but the below is a guideline:

Answer B is surely not correct as the wording in banner does not leak any security information.

If under “line vty 0 4″ you see the “login” command but it does not have a password then maybe answer C is correct. In this case if we try to telnet/ssh to the switch then we will receive a message “Password required, but none set” then we are kicked out ^^.

If you see popular username and password then maybe answer D is correct.

If the command “transport input …” specifies “telnet” as a method then answer E is correct.

For answer F, if you see something like this:

line vty 0 4
privilege level 15

or these lines:

username ciscouser privilege 15 password cisco

and

login local (in “line vty 0 4″)

then answer F is correct.

———————————-

Hope you will contribute your experience about this sim after taking the ICND1 exam. We will post here when we get new information about this sim as soon as possible.

Comments (386) Comments
Comment pages
1 2 3 4 115
  1. Mike
    March 23rd, 2013

    Hi guys,
    I passed my CNDI 1 today (March 23, 2013) with 925/1000. I got this security question with no banner at all. I did not get any drag and drop. I got the simulated with five routers and two testlets which you can find them in this site. Lot of questions from this site. The questions were very easy. Anyway thanks to this site which helped me to understand the questions.
    Thank you
    Mike

  2. Tony
    March 27th, 2013

    I got 987/1000 ,Thanks 9tut, exam collection, Wendell Odom and brain. ICND_1 is very simple you just have to be prepare. ICND_2 preparation began.

  3. azi
    March 28th, 2013

    pls can any body give me link for vce with crack

  4. George
    April 1st, 2013

    I had this question in my ICND1 test a month ago. I passed but I don’t think I got this question right. Did anyone else get misled by the use of the words ‘at least’ in the ‘at least 5 remote simultaneous connections’ answer? To me line vty 0 4 means ‘up to 5 remote simultaneous connections’ not ‘at least’. ‘At least’ implies you can actually get more than 5.

  5. Harsh Bhosale
    April 5th, 2013

    Can anyone please tell me what was Question# 4 actually and its correct answer? In this, I think A and B is ruled out! In C, vty 0 4 has no login whereas vty 5 15 has login (still I don’t see any password set in running-config). D, again I don’t see any password set in running-config!! Moreover, I don’t find E as an security threat n telnet (except its unencrypted transmission) and again nothing about F in running-config…
    Frankly speaking…I don’t find any of these choices correct in Q#4

    Please reply..

    Thanx in advance…

  6. Broffredo
    April 10th, 2013

    @George – Maybe they put ‘at least’ since some devices can have up to 16?

  7. 3dawg
    April 17th, 2013

    Got this testlet on my ICND 1 today

  8. DM
    May 3rd, 2013

    Yup this was in the test today too

  9. Nimal
    May 19th, 2013

    Answer to:

    “Question 3

    Select the options which are security issues which need to be modified before RouterA is used (not sure how many answers we can choose)

    A. unencrypted weak password is configured to protect privilege mode
    B. inappropriate wording in banner message
    C. the virtual terminal lines have weak password configured
    D. virtual terminal lines have a password, but it will not be used
    E. configuration supports in-secure web server access”

    ..should be A, B and D
    A -> this is obvious, the priviledge exec password is cisco, weak password
    B -> True. “Welcome..blah blah” is highly inappropriate for a security environment! You do not welcome people for such devices! It should be something like “Unauthorizes access strictly prohibited!!”
    D -> because ‘login local’ command has been issued. the username password pair will be used instead of the specified ’4t&34rkf’ password.

    Hope this helps someone..

  10. Nate Johnson
    May 20th, 2013

    Passed my ICND1 today with a 899, this testlet was on it. I had one that went something like:

    line vty 0 4
    transport input ssh (in the show run)
    login local

    Telnet connections will be allowed to this device – This is false because as you can see, ssh is the only terminal connection allowed.

  11. Zeus
    May 25th, 2013

    @Nimal

    OK the answer to Question 3 is A,B,D, but what is the correct answer to Question 1,2, and 4?
    I know this security testlet is on most exams so please somebody let me know the correct answer.

  12. Nimal
    May 26th, 2013

    First of all learn the conecpts properly. You are not going to go anywhere with the exams just by studying the questions.
    If you understand concepts, Q1 & Q2 are easy and you’ll know the answers provided above are actually correct. if not, go back and learn the concepts first and practice a few labs. CBT nuggets is a great resource.

    Regarding Q4, you can see this question cannot really be answered by looking at the the output provided above which is INCOMPLETE. I suggest you build a simulation lab using PT or GNS3 and try it instead.
    At the exam the full running-confing will be available to you by running ‘sh run’ command and it will be upto you to figure out the security issues.. But try this with packet tracer or any other sim and understand basic security principles by yourself. It’s really easy

    I passed ICND1 on 20th may and the output of the show running-config i got for this testlet was different. So were some of the answers. So that’s why you gotto understand the concepts and then practice so you’ll be really ready whatever the exam throws at you.

  13. Anonymous
    June 8th, 2013

    This SIM definitely on the exam, should understand the SIM inside out and pay attention closely on the virtual connections setup.

  14. ganesh
    June 15th, 2013

    this sim was on my exam.. i chose unsecure banner.. it said welcome..

  15. Michael
    June 17th, 2013

    This was on my exam, the banner DID NOT say welcome, also, various answer options were slightly different. I passed with a 960, the couple that I did miss I am pretty sure were from this security testlet, as it is pretty confusing.

  16. Uzzi
    June 21st, 2013

    lol it was on my exam day before yesterday, thanks admin, really appreciated your work….

  17. Marty
    June 24th, 2013

    Hi all,
    I passed today with 1000. I did get this security question. The config was different but the questions were similar. I had a motd banner which I picked as a risk in both the router and switch questions which obviously was correct. It really depends on the show run output and ruling out any other less suitable options but in my case the banner risk was the correct answer.
    Good Luck!

  18. Naomi
    June 25th, 2013

    breakouts across the enirte map. These calculations will show you where the market is going,duluth trading Bing. as opposed to where it has been. What is this advance notice worth to you?VisualTradercan pay for

  19. Cos I got high (marks)
    June 26th, 2013

    Passed today. 2 drag and drops (Frame Relay, ATM etc), Security Testlet, easy labsim (just use show CDP neighbors), and all qs were from here or examcollection.

  20. XHTML
    July 13th, 2013

    Just passed the exam today with a 960 score.

  21. C DID HE
    July 15th, 2013

    I passed the ICND 1 today with an 887. This question was on the test. ICND 2 NEXT!!
    A big thanks to the creator(s) of this site. It’s very helpful!!!

  22. Brazil
    July 18th, 2013

    Scored 960.

    Keep up the great work 9tut!

    I would’ve had a perfect score if question 4 had the correct answers lol.

  23. THANKYOUJESUS!
    July 18th, 2013

    just passed with 974 out of 1000. I believed I’ve missed these questions. about 95% of the questions at 9tut were on the test. My sim was was the show cdp nei where you drag/drop the routers and ipxes.

  24. routerking
    July 31st, 2013

    Took the exam Monday scored a 762, time ran out on me on question 46. Need to manage my time better next time. I spent to much time on some questions. I did have this testlet on the exam.

  25. Chan
    August 3rd, 2013

    Failed today. Got same question 2 & 3 and picture but cannot find configuration despite clicking diagram. Did not chose banner motd

  26. Vin
    August 9th, 2013

    Did ICND1 today, passed.
    These questions were on there

  27. G
    August 9th, 2013

    Took ICND 1 as a bet for co worker. I’ve been a network engineer for over 6 years. Sometimes you have to go back to the basics to see if you still got it lol. Passed my ICND 1. 890/1000. You need a 804 to pass. The security Testlet was on my exam along with the drag and drop items. One drag and drop item that is not on 9tut is ATM-Cell Switched PSTN-Circuit switched Frame-Packet switched Leased Line- Point to Point. Study Materials were Todd Lammle CCNA videos 6th edition and 9tut only. Good Luck.

  28. JohnnyG
    August 10th, 2013

    Just passed ICND1 with a 925, this question was on it.

  29. X
    August 13th, 2013

    This is what i found during study,,,,,, note different wording..!!!

    !
    enable password cisco
    !
    username ciscouser privilege 15 password 0 cisco
    !
    banner login ^CWelcome! If you encountered any problem, please consult the administrator^C
    !
    line con 0
    ecec-timeout 10 0
    password 4youreyeonly
    login
    !
    line vty 0 4
    password cis@clr!
    login

    !
    —————————————————————-
    Identify security threats on RouterA (select 3)

    A. unencrypted password set
    B. unsecured message on banner
    C. remote access can only be made through telnet or SSH
    D. user gets level 15 automatically by default
    ——————————————————————————————
    Question1 Explanation:

    Because the “service password-encryption” is not set on RouterA so the password to access privileged mode (via the command “enable password cisco”) is unencrypted. Also, the password for VTY is unencrypted (notice that the password “cis@clr!” is in fact unencrypted).

    The banner is not appropriate and provides information on the router, which can be considered as a security threat. The banner login, is supposed to be a permanent “do not enter if you dont belong message”.

    In the “line vty 0 4? configuration, the password is not encrypted.

  30. X
    August 13th, 2013

    Answer
    A,B and D

  31. X
    August 13th, 2013

    Which two of the following are true regarding the configuration of RouterA (choose two)

    A. at least 5 simultaneous remote connect are possible
    B. only telnet protocol connections to Router A are supported
    C. remotely connection to RouterA using telnet will succeed
    D. console line connection will never time out due to inactivity
    E. Console password is encyrpted

    Answer A & C

    Question2 Explanation:

    A is correct as we can telnet from line 0 to line 4 (line vty 0 4).
    We can use both telnet and SSH to connect to this router. B is not correct.
    C is correct as we can telnet to it.
    D is not correct because by default, the timeout is set to 10 minutes on both the console and the vty ports.
    E is not correct as NAT Console password is not encrypted

  32. X
    August 13th, 2013

    !
    no service password-encryption
    !
    line console 0
    line vty o 4
    no login
    transport input telnet ssh (????)
    line vty 5 15 (????)
    login (????)
    transport input telnet ssh (????)
    banner login ^CWelcome! If you encountered any problem, please consult the administrator^C
    !

    Select three options which are security issues with the current configuration of Switch A. (Choose three)

    A. privilege mode is protected with an unencrypted password
    B. inappropriate wording in banner message
    C. virtual terminal lines are protected only by a password requirement
    D. both the username and password are weak
    E. telnet connections can be used to remotely manage the switch
    F. Cisco user will be granted privilege level 15 by default

    Answer B,C & D

    Option A is not relevant as no password is configured for privilege mode.
    Option B is correct. The wording in the banner is not appropriate. It should typically read something like “do not enter if you dont belong message”.
    Option C is also correct. Virtual terminal lines are protected only by a password requirement.
    telnet connections can be used to remotely manage the switch. (see, line vty 5 15 , and login)
    Option D is also correct. Telnet connections on the switch can be accessed remotely.
    Option E is not correct as the user will only be granted privilege level 15 if configured.

  33. X
    August 13th, 2013

    OOps Anwser B,C & E

    Question D not in my study
    Option E refer to F

  34. ALVES
    August 16th, 2013

    Guys ,,,, I WANT Wendel Odom 3rd Edition plzzzzzzzzzzzzzz

  35. ALVES
    August 16th, 2013

    Wendell Odom * Sorry For Mistake
    !!!

    plz i neeed it i neeed ICND1 Wendell Odom 3rd Edition !!!!

  36. P_South Africa
    August 20th, 2013

    Im going in to write today, test is in half an hour, so here goes nothing!!!!Thanx regardless to 9tut, cbt and Odom!

  37. P_South Africa
    August 20th, 2013

    Passed, thank God!!! After passing 640-822, can I take 200-101 to get ccna? Sent the question to Cisco, but I know the reply will take a few days.

  38. visitor
    August 21st, 2013

    South Africa, study hard for icnd2(640-816), u have time till September 30 to take the exam.

    Anyway tell here when u receive answer from cisco, i want to know this answe too

  39. NetworkPro
    August 28th, 2013

    “Passed, thank God!!! After passing 640-822, can I take 200-101 to get ccna? Sent the question to Cisco, but I know the reply will take a few days.”

    The answer is yes. Any combination of ICND1 and ICND2 will award you with a CCNA! However the older exams are easier, GO FOR ICND2 640-816 before September 30th!!

    https://learningnetwork.cisco.com/thread/54402

    http://www.youtube.com/watch?v=gjgTPyxJM0Y

  40. Riyana
    August 30th, 2013

    Passed ICND1 today with a 9** !!! This question was there in my exam!! Thnx 9tut.net!!

  41. Newbie
    September 9th, 2013

    Passed with 900+! Studied with Odom, CBTnuggets, Packet Tracer, Netsim, ExSim, and supplemented with 9tut. No prior networking experience. Thanks to this site most of all!

  42. Bob
    January 13th, 2014

    Am soon seating for my exam
    i need your guidance

  43. fructal
    March 2nd, 2014

    Regarding Q4, maybe “inappropriate wording” is also correct? In CBTNuggets course Jeremy discuses similar banner motd, saying that if you put “Welcome” it’s as if you were inviting anyone to log in (or hack) freely.

  44. el diablo en el ojo
    March 3rd, 2014

    Passed ICND1 today. I had “ip http-server” inside conf of router A, so “unsecure web access enabled” is correct as well.

  45. correction
    March 11th, 2014

    Question 3 from august 13 post answers should be BEF (one about the switch, not router)

    B. Inappropriate wording in banner. Welcome can be seen as an invitation to come in and is a legal no no

    E. Telnet connections can be used to remotely manage switch. lines vty 0 4 have the no login command which means no login required. they simply need type telnet A.B.C.D and they are granted access to that device. lines 5-15 have the login command which automatically disables them until a password command has been set which it has not.

    F. Cisco users will be granted level 15 by default. level 15 is priveledge exec mode which is what you are granted when you type enable. Since there is no enable secret or enable password command, BY DEFAULT a user is GRANTED ACCESS to this level. I admit i think this one is poorly worded cause at first reading it sounds like its saying you are instantly granted level 15/priv exec mode access when you come in.

    A C D are all wrong as they all refer to passwords in some manner. No where in the output is a single password configured.

  46. SS
    March 15th, 2014

    Im taking my exam monday, could some one please tell me the correct answers to the above questions (with the correct questions if possible), Please and thank you

  47. SS
    March 15th, 2014

    Also what command should i use on the devices to answer the questions , thanks

  48. SABOOR
    March 28th, 2014

    Hello Mr SS

    i wish you good luck in your exam and at the same after writing your exam can you please come back and tell us how did your exam go and the type of questions…thanks

  49. Don
    March 30th, 2014

    there is a mistake with the motd banner look at the last line it should be a character not a letter ^C

  50. Don
    March 30th, 2014

    please send me the latest dump for ICND1 at holy_23one@yahoo.com

  51. carlitozperez
    April 7th, 2014

    I aprecciate, if you could send me the last dumps for ICND1 , i´ve study hard to take the exam but i need to see the type of questions, thank you very much, send to carlitozperez@gmail.com i aprecciate it , when i take the exam i will post what i can

  52. dERP
    April 10th, 2014

    Remember that the banner choice is a correct answer for either.
    privledge mode password unencrypted was another choice,
    and a weak username and password was the third choice for me.

  53. Ahmed
    April 14th, 2014

    Hello I want to give my ICND1 exam. Please can anyone help me and send me the latest dumps for ICND1 on beware_76@yahoo.com. reply ASAP. Thanks

  54. Malik
    April 14th, 2014

    I Just Pass my ICND1 today with 973 Marks and this question was there,

    i got 100% in network device security ..
    1. welcome to switch and router is unapropriate so tick this option …
    2. no login in swich means no need the password you can log in without anything ..
    3. user will grand level 15 was not valid for me as there was not priv mode included in show run …

    Thank you 9tut for a big help and support …. you guys are awesome …..
    need to pass icnd1 ? study cbt nuggets icnd1 and check everything on 9tut.net you dont need anything else …….

  55. Malik
    April 14th, 2014

    @Ahmad you dont need dumps just study 9tut.net all questions and check cbt nuggets icnd1 you will pass it easily .. i just passed today and got 973 out of 1000 … Good luck

  56. sami
    April 15th, 2014

    hi all
    subscribe to that channel http://www.youtube.com/user/Joynetworks for free
    that trainer is excellent , he makes the technology easy to understad.

  57. fez
    April 24th, 2014

    Passed my 100-101 exam today and this sim was there..

  58. **D**
    April 25th, 2014

    I am taking ICND1 Exam in the next couple of days. Can someone tell me what SIMS they had? I feel fairly confident.

  59. **D**
    April 25th, 2014

    IS there anything I should know

  60. fez
    April 25th, 2014

    @**D**

    I would suggest that you should know this security let, ospf sim and show commands sim by heart. Once you are in the exam try to be focused and don’t panic about time. Time is more than enough if you know your stuff. Read the questions answer million times so when yo read them in the exam. You will know the answer in less than a second. There were 3 labs for me.

  61. The Master
    April 30th, 2014

    I got this testlet today and the show config as well as the OSPF sim. Gud luck

  62. Anonymous
    May 2nd, 2014

    download free dumps from

    9 t u t . w e b s . c o m

  63. Eduardo
    May 3rd, 2014

    Passed today with a perfect score 1000/1000.
    3 sims: OSPF Neighbor Sim \ Show Configuration Sim \ Security Testlet Sim

    My advice is study, study, study, learn the material and don’t rely on just passing the test. Cisco is exiting technology just learn it!!

    I used:
    CBT Nuggets – I watch the entire series once a week for about a month and that really helped me to learn the concepts. Use Google search and YouTube for all your questions.
    ——-
    Boson NetSim 8.0
    Cisco Packet Tracer
    ——-
    Cisco.Testkings.100-101.ICND1.v2013-06-27.by.Cristiano.102q
    Cisco.Actualtests.100-101.v2013-12-13-.by.Nada.137q
    Cisco.Actualtests.100-101.v2014-01-06.by.SUSAN.124q
    Cisco.Lead2pass.100-101.v2013-10-04.by.Nada.189q = Spike.119q + Nada.70q
    ——-
    9tut.net – \Labsim – \Security Testlet
    -OSPF Neighbor Sim
    -Show Configuration Sim
    -Security Testlet Sim

  64. Reza
    May 4th, 2014

    Can some1 send me the VCE Player also? My version isn’t working with the new VCE files and prompt me : “The file was created with a newer version of Visual CertExam that you have”
    My email add: ghahremanlu@gmail.com

  65. Manohar Tn
    May 16th, 2014

    Got 986/1000 Marks, {5/16/2014} 50 Questions, Ospf Sim, Security simlet, and Router and switch Simlet Was also there…..All questions From 9tut. and Examcollections…..Now Heading For Icnd2 And Blogging…..

    For Any Help.
    Manohar Tn
    Website: http://www.techlinko.com
    G+ : https://plus.google.com/u/0/+ManoharTN9/

  66. kevo
    May 16th, 2014

    guys i did my exam on 15th may 2014 got 960/1000,this question was there word for word..The three sims were show ospf neighbors, security testsim and show configuration..I read for the icnd1 exam in only two weeks so you can make it..go through susan dumps and hush dumps.also all questions in 9tut and you should be okay.

  67. Anonymous
    May 18th, 2014

    hi Kevo;
    Thanks a lot for your helpful information. I would like to ask you about OSPF question, Please can you tell as what was the question and Is there any question her similar?

    Thanks in advance :) .

  68. sayed
    May 18th, 2014

    hi Kevo;
    Thanks a lot for your helpful information. I would like to ask you about OSPF question, Please can you tell as what was the question and Is there any question her similar?

    Thanks in advance :) .

  69. Anonymous
    May 20th, 2014

    has anyone used the roxanne dump?

  70. bree-bree
    May 23rd, 2014

    hi every one, could you pass me the last DUMPS, and also the VCE player (a link that works !!!), i have my exam, these days. thks guys
    manelfraise0@gmail.com

  71. Anonymous
    May 24th, 2014

    get free dumps from

    bc.vc/l3qFrE

  72. ivanzor
    June 4th, 2014

    File #0 does not exist

  73. lmpoub
    June 5th, 2014

    Just passed the today and the dump is valid.
    No question IPv6 or cabling but a lot of subnetting , switching , routing and security
    Thank you for the dumps
    Merci !!!

  74. Security Testlet
    June 17th, 2014

    Hi Everyone,
    I am taking my exam tomorrow. Just want to know – for the security testlet, do you have to configure Router A and switch A (the 2 blocks on top) or only answer the questions related to it?

    My guess is , configure it myself – just making sure :)

    will let you know after the exam how it went.

  75. Pikes
    June 19th, 2014

    How did the exam go dude Ive got mine next month…

  76. Victor
    June 24th, 2014

    Preparing to take my exam on Thursday, is this information still valid?

  77. Cole
    June 24th, 2014

    Hello, I took the INCD1 on 6-16 and the question I ahd didn’t have welcome, but something like “Thanks for logging into Switch A” and for the router it had “Thanks for logging into Router A” Now if they have the name of the router in this wouldn’t the banner be an issue?

  78. hagen
    June 26th, 2014

    Hello please dont forget in the past a hacker was free because some banner said “welcome ….” in the CBT nuggets talk about this is a big issue !!!!

  79. Pikes
    June 30th, 2014

    Victor how did the test go? was it similar to any dumps? same sims?

  80. King_Nigel
    July 2nd, 2014

    There seems to be a discrepancy in your answer guidance. When using your security testlet it indicates that banner messages have inappropriate wording. Yet in the answers on Q1 here the inappropriate wording answer is classified as a wrong answer.

  81. gazza
    July 2nd, 2014

    I’m pretty sure that B is correct in Q1. I’ve passed exam today. I’ve answered this question according to 9tut and this was the only question where I’ve lost points. Jeremy Cioara in CBTNuggets said clearly, you shouldn’t write “Welcome” in banner login or motd because it invites to break in.
    Anyway thanks 9tut for this tutorial! It contains almost every question I’ve got today. I’m sending a donation.

  82. Kamrul
    July 3rd, 2014

    Hi,

    I passed today. with 1000/1000. I marked “unsecured message on banner” for both the switch and router. Therefore, please note this is the right answer.

  83. Adeoritoke
    July 12th, 2014

    Passed Today. Questions contain OSPF Sim, Security and Show config. Lots of subnetting questions…at least 11

  84. grendel
    July 13th, 2014

    Question 2 (which I got wrong pretty sure) the router had “no login” set for it’s vty lines instead of “login local” as this shows. This caused me to pick A and D as wasn’t familiar with “no login” (which means no password is required). What bonehead would even enter that? Anyways I had a feeling there was a default timeout for the lines but picked it anyway as I didn’t know “no login”. Remember “Knowing is half the battle”.

  85. diggy
    July 14th, 2014

    Hi,
    I passed on 11th June 960/1000. This security lab and ospf lab was on the exam. The banner is absolutely a security risk and is inappropriate.

  86. Abdul
    July 19th, 2014

    this question was in the exam 19/07/2014

Comment pages
1 2 3 4 115
Add a Comment