Home > ICND1 – Security Testlet

ICND1 – Security Testlet

December 30th, 2016 in ICND1, ICND1 100-105 Go to comments





Maybe this is the configurations on Router and Switch (but notice that they are surely missing something):


no service password-encryption
enable password cisco
username ciscouser privilege 15 password 0 cisco
banner motd ^CWelcome! If you encountered any problem, please consult the administrator^C
line vty 0 4
password 4t&34rkf
login local
transport input telnet ssh


no service password-encryption
hostname switch1
enable password cisco
username ciscouser password 0 cisco
ip domain-name cisco.com

banner login ^c
************ welcome to Switch1. If you encountered any problem, please consult the administrator ************* ^c

line con 0
line vty 0 4
login local
transport input ssh
line vty 5 15
login local
transport input ssh

Note: This is just what we gather and guess. In the exam the configurations may be different so make sure you understand about “enable secret”, “enable password”, “login”, “login local”, “transport input”, “line vty”, “service password-encryption”, “bannder motd”, “privilege” before taking this exam!

This sim has 4 questions:

Question 1


There are 16 VTY lines (from 0 to 4 and 5 to 15) so there are more than 5 simutaneous remote connections can be made at the same time -> A is not correct.
There is no restriction on on the Switch so remote networks can connect to this switch -> C is not correct.
There is no config under “line con 0” so console access to this switch does not require a passowrd -> D is not correct.
All 16 VTY lines are configured to access via SSH only and all of them require a password. The difference is in the “line vty 0 4” configuration, the type of login is specified as “login local”. It means that the switch will not use the password configured under “line vty 0 4” (in this case none was set but it will use the user & password configured in “username ciscouser password 0 cisco” command -> B is correct.

Question 2


A is correct as we can telnet from line 0 to line 4 (line vty o 4).

We can use both telnet and SSH to connect to this router (transport input telnet ssh) -> B is not correct.

C is correct as we can telnet to it.

D is not correct because by default, the timeout is set to 10 minutes on both the console and the vty ports.

E is not correct as NAT can be used even DHCP is not used.

Question 3


Privilege mode on RouterA is protected with unencrypted password (via “enable password” command). Although this is a good choice but it is not the answer Cisco wants. Answer B is a correct answer instead. This can be explained by this way:

The wording in the banner is inappropriate as it “Welcomes” you to the network. If you are gaining unauthorised access to the device, the first thing you will see is a banner welcoming you. Apparently there has been a case (or cases) where a hacker has used this as a legal defence for gaining illegitimate access to the device. The banner should say something along the lines of “NO UNAUTHORISED ACCESS”.

The password of VTY lines is “4t&34rkf”. Although it is unencrypted but it is not a weak password because it has number & special characters inside -> C is not correct.

Although a password of “4t&34rkf” is configured but with the command “login local”, router will use the username of “ciscouser” & password of “cisco” (configured in “username ciscouser privilege 15 password 0 cisco” command) -> D is correct.

By checking the configuration of routerA with the “show run” command. To support web server access it must have the command “ip http server” but it does not -> E is not correct.

Question 4


The command “no service password-encryption” exists so the password to access privilege mode is not encrypted -> A is correct.

With the “login local” command the VTY lines will require both username and password -> C is not correct.

The username and password are easy to guess as they have common words like “cisco” and “user” -> D is correct.

In all VTY lines only SSH is allowed with the “transport input ssh” -> E is not correct.

To grant privilege level of 15 by default the following commands are required:

line vty 0 4
privilege level 15

or these lines:

username ciscouser privilege 15 password cisco


login local (in “line vty 0 4”)

but none can be found so F is not correct.

Comments (45) Comments
Comment pages
1 4 5 6 115
  1. JimitheMan
    August 11th, 2016

    icnd1 next week and im shitting meself!!! I took it last year and got 802!!!needed 804 to pass…sickenerorwhat!

  2. Anonymous
    August 14th, 2016

    I had this lab I got like a 50% on it so I don’t understand what they were looking for

    enable password cisco
    username ciscouser o password cisco
    line vty 0 4
    password 4!oneGO
    answer I choose was priv mode password was unencrypted and weak
    able to login with 5 virtual lines

    Not really sure

  3. naina
    August 16th, 2016

    Toammrrow i m going for exame 9 tut questions r enough for me if anyone has other dumps plz suggest me or mail me at {email not allowed}

  4. JimitheMan
    August 16th, 2016

    exam 2day wish me luck,I will let u know how i got on,9 tut has been a great help over the years and I will be sorry to see it go,THANKS 9 TUT !!!

  5. Mohamed Yasser
    August 16th, 2016

    ur answer is right, priv. mode password is unencrypted, also the password below u can make it secret to for more remote access security, its better if that choice exist
    i ve the exam tmw wish me luck 🙂

  6. Hana ISe
    August 18th, 2016

    I have exam today wish me luck 🙂

  7. Jaduco
    August 18th, 2016

    Good luck @Hana ISE

  8. Afridi
    August 22nd, 2016

    Hana ISe may you have failed in ur exams 🙂

  9. James
    August 31st, 2016

    HI all ;

    I took exam today 8-31-2016 and I Passed ICND1 exam . 897/1000 .The Sim was similar to this one that shows here ( about router and Switch Secuirty) . so read it carefully . Another Sims had R1,R2,R3 with RIP configuration and then they had problem in DHCP scope , (which was configured wrong) ; they put ACL in one of the routers that was blocking the people to access Server ; and another Topic was in NAT ( the Interesting traffic was wrong) and another Concet of NTP . No need to do any configuration only show commands . It was time consuming and Had to use a lot of show run and Show ip int brief to find answer, I had two Sim with only show commands on ICND1 Exams. I studies old ICND1 exam PDF and I was able to pass it. Few Questions on Ip address , but some more question about NTP server.

  10. Vicky
    September 10th, 2016

    Hello everyone….anyone have idea about ICND 1 V3?

  11. rich carner
    September 21st, 2016

    hi james…. excuse… did you see somthing about ospf in the 100-105 exam?

  12. Smithk331
    September 23rd, 2016

    Thank you for some other informative website. Where else may just I am getting that kind of info written in such an ideal means? I’ve a venture that I am just now working on, and I have been on the glance out for such info. gafakfgeeadefeke

  13. Anonymous
    October 7th, 2016

    What are your thoughts on the questions below:

    Which option is a valid hostname for a switch?

    Which MTU size can cause a baby giant error?

    Which statement about native VLAN traffic is true?

    A.Cisco Discovery Protocol traffic travels on the native VLAN by default.
    B.Traffic on the native VLAN is tagged with 1 by default.
    C.Control plane traffic is blocked on the native VLAN.
    D.The native VLAN is typically disabled for security reasons.

    Which value is indicated by the next hop in a routing table?
    A.preference of the route source
    B.IP address of the remote router for forwarding the packets
    C.how the route was learned
    D.exit interface IP address for forwarding the packets

    Which RFC was created to alleviate the depletion of IPv4 public addresses

    A.RFC 4193
    B.RFC 1519
    C.RFC 1518
    D.RFC 1918

    Which NTP command configures the local device as an NTP reference clock source?
    A.ntp peer
    B.ntp broadcast
    C.ntp master
    D.ntp server

  14. Anonymous:
    November 19th, 2016

    1) Hostnames can’t start with a number, and can’t have special characters (bangs/exclamation) (but can have a dash). A) starts with a number. B) has a bang at the end. C) starts with a number. Only D) is correct.

    2) a standard frame is 1500 bytes. Baby Jumbo Frames are anything SLIGHTLY larger than 1500, up to 1600 bytes. Jumbo Frames are between 1600 and 9000 bytes. Super Jumbo frames are lager than 9000 bytes of payload. So, to answer this question: Just look at which MTU setting is slightly larger than 1500 MTUs, and that would be D) 1518.

    3) This question is about Native VLAN. The native VLAN is the VLAN that is configured for packets that don’t have a tag. The default native VLAN on all Cisco Switches is VLAN 1. It is always enabled by default. These settings can all be changed: That is: you can designate a different VLAN as the native VLAN, disable VLAN 1, etc. Knowing that, we can eliminate D) as the correct answer because it is enabled by default. We can also eliminate B) because Native VLAN packets don’t get tags by default (you can change this). Finally, Control Plane traffic is never blocked on Native VLAN 1, and even if you change the Native VLAN, the control plane traffic still comes across VLAN 1. That eliminated answer C) – leaving A) as the only answer.

    4) The next hop is the IP address of the next router that the packet has to be forwarded to, in order for it to eventually reach it’s destination. This pretty much leaves us with only one logical answer: B)

    RFC 4193 is about Unique Local IPv6 Unicast Addresses.
    RFC 1519: Classless Inter-Domain Routing (CIDR): an Address Assignment and Aggregation Strategy .
    RFC 1518: An Architecture for IP Address Allocation with CIDR.
    And RFC 1918: Address Allocation for Private Internets.

    Since we’re talking about Public, not private addresses, we can eliminate answer D. Since we’re talking about IPv4, we can also eliminate Answer A. Answer C can also be eliminated because the RFC is about the architecture for IP address allocation… leaving just Answer B as the correct choice.

    6) Last- NTP: NTP is the Network Time Protocol, which is how devices get time updates. A Master server (If you’re using public NTP, there are several of them) uses an atomic clock or GPS signal to keep itself on time. It also passes that time info down to properly configured NTP Peers. An NTP Server, is a router or other device that is authorized to pass on the time info to other devices. They can be several layers deep – meaning: The master passes time data to Router’s 1 and 2. Router 1 is a server, and passes that same data on to Router A and B. Router A passes the info onto a switch. and so on. All the servers, usually have several peers they refer to (other servers) to compare the times across the board. Any that are “insane” are rejected outright. Anyway the command to make a router a server is simply Answer D) which tells the router it is the source of NTP on it’s network. Note: It will have a master for NTP unless it is the master (meaning it has an atomic clock or GPS attached to it.)

  15. Message for Arch
    January 13th, 2017

    The ICND1 is 100-105 so you can shove your best offer on an old exam

  16. Test
    February 17th, 2017

    Question 2,

    Answer A’s wording is stupid… it said ” ‘at least’ 5 simultaneous remote connect are possible”

    To normal people “At least”= Minimum.. In this situation, 5 simultaneous connections is maximum. This isn’t even testing us on our knowledge of the subject. Its word play to screw us up.

  17. Arshik
    March 5th, 2017

    why the answer given in explanation and in Quiz are different. Which one is right?
    In question 4.–Answer B is surely not correct as the wording in banner does not leak any security information. but in Quiz it is coming as correct answer. Please advise

  18. 9tut
    March 7th, 2017

    @Arshik: We have just updated this simlet. Please try again. According to the candidates’ reports, the banner has inappropriate wording is the correct answer.

  19. alik
    March 12th, 2017

    Refer to the exhibit. Which statement describes the effect of this configuration?

    Router#configure terminal
    Router(config)#vlan 10
    Router(config-vlan)#do show vlan
    A. The VLAN 10 VTP configuration is displayed.
    B. VLAN 10 spanning-tree output is displayed.
    C. The VLAN 10 configuration is saved when the router exits VLAN configuration mode.
    D. VLAN 10 is added to the VLAN database.

  20. Datalink
    March 15th, 2017

    Whenever I try to type in a command it simulation keeps saying this command is not supported. What am I doing wrong? I’ve tried Router1#show startup-config and Router1# do show startup-config.

    Other commands are giving me the same issue as well. Any know what’s going on?

  21. Datalink
    March 15th, 2017

    I figured it out. I had to update java

  22. Datalink
    March 15th, 2017

    @alik the answer is C. The VLAN 10 configuration is saved when the router exits VLAN configuration mode.

    Because VLAN 10 is only created when we exits VLAN configuration mode. So exit needs to be typed in

  23. VTY
    March 21st, 2017

    This one iand dhcp seem to be the ones that are coming up most on the test at this moment.

  24. Josephbreta
    March 30th, 2017

    There’s a complete industry around celebrity gossip. Should you really need to impress a woman, stay updated on celebrity gossip and current problems. This propensity for awful news spans the worldwide population. –

  25. FirstCiscoExam
    April 19th, 2017

    Hi Guys, am i the only one who sees the security simlet as a normal webpage? i actually dont see the questions at all, only the answers. Please help.

  26. asas
    April 21st, 2017

    @First, that’s normal.. buy premium for 9USD and you will have full access

  27. penguin
    May 10th, 2017

    new to ccna currently doing ccent can any1 suggest an learning material please

  28. sa
    June 10th, 2017

    hello from where i can get questions?

  29. routerA
    June 12th, 2017

    Inappropriate Banner is correct or no?

  30. Sam
    June 14th, 2017

    Hi routerA,
    Banner motd has welcome that means is inappropriate message, so it means there is an issue in the security configuration which leads to correct answer.

  31. Remo
    July 2nd, 2017

    Question 3

    I think the correct answer is A and D

  32. Gregorydek
    August 4th, 2017

    On this subject have already been solved many times.
    Be mindful and do not flood
    right here is the website http://custombestessay.com/order-prime-glass-ceiling-synthesis-essay-writing-agency/

  33. Anonymous
    August 23rd, 2017

    Inappropriate banner? Lol Really? I would have never thought about this one especially if there is another more logical answer. Really cheesy. Just for curiosity I have checked the Todd Lammle and Wendel Odom books as well if they say anything about it… and no. Not a word about that oooh you should be aware of the content of the MOTD. Thanks 9tut that you highlighted this for us!

  34. SI
    September 24th, 2017

    Refer to the exhibit. Which statement describes the effect of this configuration?
    Router#configure terminal
    Router(config)#vlan 10
    Router(config-vlan)#do show vlan
    A. The VLAN 10 VTP configuration is displayed.
    B. VLAN 10 spanning-tree output is displayed.
    C. The VLAN 10 configuration is saved when the router exits VLAN configuration mode.
    D. VLAN 10 is added to the VLAN database.

    answer should be D? i tested this is cli

  35. Suzan
    September 26th, 2017

    Mat what kind of Drag and Drop Question you got on the exam??

  36. Whocares
    October 6th, 2017

    This was the exact question in my today’s test.

  37. z
    October 8th, 2017


    I’m taking my exam on the 10th of this month in two days, was 9tut accurate with its questions?

  38. Vugo
    October 9th, 2017

    D. VLAN 10 is added to the VLAN database.

  39. Anonymous
    October 31st, 2017

    hi Z
    how did you get on with your exams and was there any drag and drops questions?

  40. Anonymous
    November 2nd, 2017

    can someone send me 101 -105 VCE dumps I have the VCE engine which I purchased for a high amount , you can send them on joseoluoch at gmail dot com please I am trying to re certify asap before end of the year

  41. khan
    November 2nd, 2017

    Which NTP command configures the local device as an NTP reference clock source?
    A.ntp peer
    B.ntp broadcast
    C.ntp master
    D.ntp server

    Which MTU size can cause a baby giant error?
    can some one give me the answers of these question … i need someone expert to answer it because i search alot but i didn’t find any suitable answer

  42. icnd1
    November 18th, 2017

    Hello Odis! I cannot see any posts from Irina under that link.

  43. icnd1
    November 27th, 2017

    Hey Hiram! Where can I found that dumps?

  44. doggy
    December 1st, 2017

    Hi am writting this week , please 100-105 dumps

  45. Shayan
    December 11th, 2017

    Which NTP command configures the local device as an NTP reference clock source?
    A. ntp peer B. ntp broadcast C. ntp master D. ntp server

    Answer: D

    From a Cisco perspective, getting the clock from an Internet time source and/or from a local timing device both require the same command (ntp server). To have a specific network device consider itself as a reference clock source, another command is used (ntp master)
    For example, the command
    Router(config)#ntp server
    configures the local device to use a remote NTP clock source from while the command:
    Router(config)#ntp master 1
    configures the local device as a NTP reference clock source with stratum of 1.

    Which MTU size can cause a baby giant error?
    A. 1500 B. 9216 C. 1600 D. 1518

    Answer: D

    Question 5
    Ethernet frame size refers to the whole Ethernet frame, including the header and the trailer while MTU size refers only to Ethernet payload. Baby giant frames refer to Ethernet frame size up to 1600 bytes, and jumbo frame refers to Ethernet frame size up to 9216 bytes (according to this link: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-4000-series-switches/29805-175.html)
    For example, standard Ethernet frame MTU is 1500 bytes. This does not include the Ethernet header and Cyclic Redundancy Check (CRC) trailer, which is 18 bytes in length, to make the total Ethernet frame size of 1518.
    So according to strict definition, MTU size of 1600 cannot be classified as baby giant frames as the whole Ethernet frames will surely larger than 1600 -> Answer C is not correct.
    Answer D is a better choice as the MTU is 1518, so the whole Ethernet frame would be 1536 (1518 + 18 Ethernet header and CRC trailer). This satisfies the requirement of baby giant frames “Baby giant frames refer to Ethernet frame size up to 1600 bytes

Comment pages
1 4 5 6 115