Not sure about the requirement of this question but it is something like this:
Before this switch and router can be put to use in the network, what security risks can be found…
Maybe this is the configurations on Router and Switch (but notice that they are surely missing something):
ROUTER A CONFIGURATION
SWITCH A CONFIGURATION
banner login ^c
line con 0
Note: This is just what we gather and guess. In the exam the configurations may be different so make sure you understand about “enable secret”, “enable password”, “login”, “login local”, “transport input”, “line vty”, “service password-encryption”, “bannder motd”, “privilege” before taking this exam!
This sim has 4 questions:
There are 16 VTY lines (from 0 to 4 and 5 to 15) so there are more than 5 simutaneous remote connections can be made at the same time -> A is not correct.
There is no restriction on on the Switch so remote networks can connect to this switch -> C is not correct.
There is no config under “line con 0” so console access to this switch does not require a passowrd -> D is not correct.
All 16 VTY lines are configured to access via SSH only and all of them require a password. The difference is in the “line vty 0 4” configuration, the type of login is specified as “login local”. It means that the switch will not use the password configured under “line vty 0 4” (in this case none was set but it will use the user & password configured in “username ciscouser password 0 cisco” command -> B is correct.
A is correct as we can telnet from line 0 to line 4 (line vty o 4).
We can use both telnet and SSH to connect to this router (transport input telnet ssh) -> B is not correct.
C is correct as we can telnet to it.
D is not correct because by default, the timeout is set to 10 minutes on both the console and the vty ports.
E is not correct as NAT can be used even DHCP is not used.
Privilege mode on RouterA is protected with unencrypted password (via “enable password” command) -> A is correct.
The password of VTY lines is “4t&34rkf”. Although it is unencrypted but it is not a weak password because it has number & special characters inside -> C is not correct.
Although a password of “4t&34rkf” is configured but with the command “login local”, router will use the username of “ciscouser” & password of “cisco” (configured in “username ciscouser privilege 15 password 0 cisco” command) -> D is correct.
By checking the configuration of routerA with the “show run” command. To support web server access it must have the command “ip http server” but it does not -> E is not correct.
The command “no service password-encryption” exists so the password to access privilege mode is not encrypted -> A is correct.
With the “login local” command the VTY lines will require both username and password -> C is not correct.
The username and password are easy to guess as they have common words like “cisco” and “user” -> D is correct.
In all VTY lines only SSH is allowed with the “transport input ssh” -> E is not correct.
To grant privilege level of 15 by default the following commands are required:
line vty 0 4
privilege level 15
or these lines:
username ciscouser privilege 15 password cisco
login local (in “line vty 0 4”)
but none can be found so F is not correct.