Home > Security Testlet

Security Testlet

May 20th, 2015 in ICND1, ICND1 100-101 Go to comments

Question

 

 

Security_SIM.jpg

Not sure about the requirement of this question but it is something like this:

Before this switch and router can be put to use in the network, what security risks can be found…

We are still not sure about the configurations in this sim but we got some information to share with you (updated on December-07-2011. Thanks Joe Mendola, xallax and many candidates who share the information!):

Maybe this is the configurations on Router and Switch (but notice that they are surely missing something):

ROUTER A CONFIGURATION

!
no service password-encryption
!
enable password cisco
!
username ciscouser privilege 15 password 0 cisco
!
banner motd ^CWelcome! If you encountered any problem, please consult the administrator^C
!
line vty 0 4
password 4t&34rkf
login local
transport input telnet ssh
!

 

SWITCH A CONFIGURATION

!
!
no service password-encryption
!
hostname switch1
enable password cisco
username ciscouser password 0 cisco
ip domain-name cisco.com

banner login ^c
************ welcome to Switch1. If you encountered any problem, please consult the administrator ************* ^c

line con 0
line vty 0 4
login login local
transport input ssh
line vty 5 15
login local
transport input ssh

Note: This is just what we gather and guess. In the exam the configurations may be different so make sure you understand about “enable secret”, “enable password”, “login”, “login local”, “transport input”, “line vty”, “service password-encryption”, “bannder motd”, “privilege” before taking this exam!

This sim has 4 questions:

Question 1

Identify security threats on RouterA (select 3)

A. unencrypted password set
B. unsecured message on banner
C. remote access can only be made through telnet or SSH
D. user gets level 15 automatically by default

 

Answer: A C D

Guideline to answer this question:

Because the “service password-encryption” is not set on RouterA so the password to access privileged mode (via the command “enable password cisco”) is unencrypted. Also, the password for VTY is unencrypted (notice that the password “4t&34rkf” is in fact unencrypted) -> A is correct.

Although the banner says “Welcome …” but it does not leak any security information so it is still safe -> B is not correct.

From the command “transport input telnet ssh” we learn that remote access can be mad through telnet or SSH. This is also the default setting of Cisco router -> C is correct.

In the “line vty 0 4″ configuration, the type of login is specified as “login local”. It means that the router will not use the password configured under “line vty 0 4″ (in this case “4t&34rkf”) but it will use the user & password configured in “username ciscouser privilege 15 password cisco” command. The command “username ciscouser privilege 15 password cisco” will grant the privilege of 15 for “ciscouser” user -> D is correct.

Question 2

Which two of the following are true regarding the configuration of RouterA (choose two)

A. at least 5 simultaneous remote connect are possible
B. only telnet protocol connections to Router A are supported
C. remotely connection to RouterA using telnet will succeed
D. console line connection will never time out due to inactivity
E. since DHCP is not used on Fa0/1 there is not a need to use the NAT protocol

 

Answer: A C

Guideline to answer this question:

A is correct as we can telnet from line 0 to line 4 (line vty o 4).

We can use both telnet and SSH to connect to this router (transport input telnet ssh) -> B is not correct.

C is correct as we can telnet to it.

D is not correct because by default, the timeout is set to 10 minutes on both the console and the vty ports.

E is not correct as NAT can be used even DHCP is not used.

Question 3

Select the options which are security issues which need to be modified before RouterA is used (not sure how many answers we can choose)

A. unencrypted weak password is configured to protect privilege mode
B. inappropriate wording in banner message
C. the virtual terminal lines have weak password configured
D. virtual terminal lines have a password, but it will not be used
E. configuration supports in-secure web server access

 

Answer: A D

Guideline to answer this question:

Privilege mode on RouterA is protected with unencrypted password (via “enable password” command) -> A is correct.

B is not correct as mentioned above.

The password of VTY lines is “4t&34rkf”. Although it is unencrypted but it is not a weak password because it has number & special characters inside -> C is not correct.

Although a password of “4t&34rkf” is configured but with the command “login local”, router will use the username of “ciscouser” & password of “cisco” (configured in “username ciscouser privilege 15 password 0 cisco” command) -> D is correct.

By checking the configuration of routerA with the “show run” command. To support web server access it must have the command “ip http server” but it does not -> E is not correct.

Question 4

Select three options which are security issues with the current configuration of Switch A. (Choose three)

A. privilege mode is protected with an unencrypted password
B. inappropriate wording in banner message
C. virtual terminal lines are protected only by a password requirement
D. both the username and password are weak
E. telnet connections can be used to remotely manage the switch
F. Cisco user will be granted privilege level 15 by default

 

Answer: not sure

Guideline to answer this question:

We haven’t had enough information about switch configuration so we can’t be sure about the correct answers but the below is a guideline:

Answer B is surely not correct as the wording in banner does not leak any security information.

If under “line vty 0 4″ you see the “login” command but it does not have a password then maybe answer C is correct. In this case if we try to telnet/ssh to the switch then we will receive a message “Password required, but none set” then we are kicked out ^^.

If you see popular username and password then maybe answer D is correct.

If the command “transport input …” specifies “telnet” as a method then answer E is correct.

For answer F, if you see something like this:

line vty 0 4
privilege level 15

or these lines:

username ciscouser privilege 15 password cisco

and

login local (in “line vty 0 4″)

then answer F is correct.

———————————-

Hope you will contribute your experience about this sim after taking the ICND1 exam. We will post here when we get new information about this sim as soon as possible.

Comments (465) Comments
Comment pages
1 3 4 5 115
  1. CCENT Student
    August 15th, 2014

    Took my test today, a variation of these security sim questions were on there. Used Cisco Press CCENT book, 9tut, and packet tracer to study. Good luck studying everyone!

  2. Anonymous
    August 18th, 2014

    Gave my test today got 973 …this question was on it amidst the confusion before i forget ..the simulation is the same …with you having to enter router A and switch A and do the sh run command to see the running config……the questions and answers have slight diff variation

    The router and switch confif have”no login commands instead of what is mentioned above”…..so any attempt to telnet gets straight entry to the user mode where it will ask the password and username….which is a correct option in the answers

    in Q1: option C is > remote access can only be made through Telnet(“see ssh is not included so hence this option is automatically wrong”)

    extra option E is right as mentioned above along with the unsecure banner…..so in short the right options are unsecure banner and option E saying any attempt to telnet will get straight access to user mode password and username…

    PS: i choose those two and have a 100% on that section so go for it ….if you feel its right but again it might vary with your questions so good luck everyone

  3. Cybs
    August 25th, 2014

    If you believe The transcender, for question 4, B is a correct answer. Basically, a hacker could make the argument that they were invited in so it is a security issue.

  4. Whatever
    September 1st, 2014

    Why in earth would you brainiacs intentionally compromise a test, risking your own certifications, and make it easier for someone to pass without knowing all the information they should, which puts networks and data (possibly your own, remember)? Just love of cheating and breaking the rules? Getting one over in “the man?”

  5. Anon
    September 5th, 2014

    A version of this was the opening question on the test today. Know these commands, and you’ll be off to a good start.

  6. Saudi Mizer
    September 6th, 2014

    Had this testlet on exam yesterday. The questions were slightly different then shown on this page but along the same lines.

  7. France
    September 8th, 2014

    A – at least 5 simultaneous remote connect are possible on Router A ?

    That should be wrong. At maximum 5 connections not at least.

    Can you double check?

  8. Dolphi
    September 8th, 2014

    @France

    Kindly triple check the explanation?

  9. France
    September 8th, 2014

    Question 2

    Which two of the following are true regarding the configuration of RouterA (choose two)

    A. at least 5 simultaneous remote connect are possible

    Answer: A C

    line vty 0 4
    password 4t&34rkf
    login local
    transport input telnet ssh

    If it 0-6 I would understand if somebody would say “at least five connections”. But in this case 5 is the maximum.

    Thank you replying.

  10. Anonymous
    September 13th, 2014

    if any one need latest dumps send us a working g mail id with password on
    game.rose@hotmail.com

  11. aminou
    September 14th, 2014

    Hi,
    This is what i found during exam
    for Router
    !
    !
    no service password-encryption
    !
    hostname Router1
    enable secret 5 $1$14mlkm52….
    ip domain-name cisco.com
    ip ssh version 2
    !
    !
    username ciscouser password 0 cisco
    banner login ^c
    ************ welcome to router1 If you encountered any problem, please consult the administrator ************* ^c
    !
    line con 0
    password cisco
    line vty 0 4
    password 4thfcvcf
    no login
    transport input telnet ssh

    for switch

    !
    !
    no service password-encryption
    !
    hostname switch1
    enable password cisco
    username ciscouser password 0 cisco
    ip domain-name cisco.com

    banner login ^c
    ************ welcome to router1 If you encountered any problem, please consult the administrator ************* ^c

    line con 0
    line vty 0 4
    login login local
    transport input ssh
    line vty 5 15
    login local
    transport input ssh

    the question are the same
    good luck

  12. France
    September 18th, 2014

    @aminou

    Could you post the answer you gave. That’s the only simlet I get wrong. Thanks

  13. aminou
    September 23rd, 2014

    @France

    normally that’s my answer :

    Select two options which are security Issues which need to be modified before RouterA is used? (Choose
    two.)
    A. unencrypted weak password is configured to protect privilege mode
    B. inappropriate wording in banner message
    C. the virtual terminal lines have a weak password configured
    D. virtual terminal lines have a password, but it will not be used
    E. configuration supports un-secure web server access

    my answer: BD

    Select three options which are security issues with the current configuration of SwitchA . (Choose three.)
    A. privilege mode is protected with an unencrypted password
    B. inappropriate wording in banner message
    C. virtual terminal lines are protected only by a password requirement
    D. both the username and password are weak
    E. telnet connections can be used to remotely manage the switch
    F. cisco user will be granted privilege level 15 by default

    my answer: ABD

    Which two of the following are true regarding the configuration of RouterA? (Choose two.)
    A. at least 5 simultaneous remote connections are possible
    B. only telnet protocol connections to RouterA are supported
    C. remote connections to RouterA using telnet will succeed
    D. console line connections will nevertime out due to inactivity
    E. since DHCP is not used on FaO/1 there is not a need to use the NAT protocol

    my answer:AC

    Which of the following is true regarding the configuration of SwitchA?
    A. only 5 simultaneous remote connections are possible
    B. remote connections using ssh will require a username and password
    C. only connections from the local network will be possible
    D. console access to SwitchA requires a password

    my answer:B

  14. Son of the Prophet
    September 24th, 2014

    Passed ICND1 today, 920!! Thanks 9tut, this security testlet was on there… this was the only part of the test i had difficulty on.

  15. Mickey
    October 2nd, 2014

    Passed today. This sim was in the exam. Questions pretty much similar. Answers a little ambiguous and debatable in my opinion. Thank you!

  16. Melton
    October 10th, 2014

    Hello All,
    I am Writing My ICND1 Exam next week. Could anyone send me the latest dumps to
    meltonrox@gmail.com

    Thanks and Regards
    Melton

  17. Shine
    October 17th, 2014

    I am scheduled to take the ICND1 exam in a couple weeks and I have seen different answers for the MOTD banner and the use of the word “Welcome” as a security risk. Does anyone have the official word on this as a correct answer for Q1, Q3 and Q4?? Seems like they like using it as an answer option.

    Thanks in advance!
    Shine

  18. Anonymous
    October 23rd, 2014

    Taking my test this Friday, please send dumps and tips to MJBAZ90@gmail.com. Thanks for your support, and good luck to future test takers.

  19. NetworkLover
    November 10th, 2014

    @Whatever
    Nobody will pass purely on this site alone. You need to understand the concepts too. This site is helpful to experience the formats of questioning which study alone does not provide. The Cisco question makers can be quite unfair themselves

  20. FirstTimer
    December 2nd, 2014

    I sat for my ICND1 today and had this security testlet…with some slight variations. Studied 9tut, Chris Bryant video course on UDEMY for about 3 weeks, and got a 973 on first try. It was very a hard exam, but got the basics down of OSI and subnetting before concentrating on all the brain dump questions. That helps a lot with time mgmt on the test, then you can take your time and think about the scenarios and SIM questions longer without getting stressed.

  21. Edd
    December 9th, 2014

    Passed this week, was 50 questions and 3 labs- this one, ospf and show config sim. If to know the concept possible to pass. Study cbtnugets videos,book icnd1 and dumps. and time on the exam going fast be ready to have sim labs on the beginning of the test or at the end. Plan your time.

  22. SR
    December 13th, 2014

    A word about the banner messages. According to Cisco “Introduction to Networks – Companion Guide”, pg 94-95:

    “Any wording that implies that a login is ‘welcome’ or ‘invited’ is not appropriate. If a person disrupts the network after gaining unauthorized entry, proving liability will be difficult if there is the appearance of an invitation. The creation of banners is a simple process; however, banners should be used appropriately. When a banner is utilized, it should never welcome someone to the device. It should detail that only authorized personnel are allowed to access the device.”

  23. rahuladhyatm@gmail.com
    December 29th, 2014

    i am from india & i am unable to make payment through my debit card , my account is created in 9tut.net. i want to give the icnd1 exam before 10 january. so please resolve my query as soon as possible.

  24. Adam
    January 12th, 2015

    I had this labsim on my test today. Killed it. Make sure you understand the components because they might change a little.

  25. Chris C
    January 15th, 2015

    Have spoken to a collegue who has done CCNP Route & Switch & CCNA Security and it looks like Cisco consider a poorly worded MOTD a security risk. Word it wrong and you are “inviting” unauthorised people into your network.

  26. yemen_sky
    January 15th, 2015

    In this q you must know the banner messages should not be welcome in both login banner and motd banner if you do this messages with welcome, you will not able to trucking the sponger.

  27. Anonymous
    January 23rd, 2015

    Question 4

    Select three options which are security issues with the current configuration of Switch A. (Choose three)

    A. privilege mode is protected with an unencrypted password
    B. inappropriate wording in banner message
    C. virtual terminal lines are protected only by a password requirement
    D. both the username and password are weak
    E. telnet connections can be used to remotely manage the switch
    F. Cisco user will be granted privilege level 15 by default

    Answer: not sure

    Real world ANSWER is C, D, F ……15 by default being the worst sin here.
    C. they are fishing for Access-Class to be applied.

    and to the “banner” guy…..are you F’ing kidding me?

    the BANNER, that is what you think is the issue?

    Maybe Cisco’s test team is THAT messed up in the head that they think that is the important flaw, but a banner misprint is not going to make it harder for a hacker to bring you down…and it won’t make prosecution of said hacker any easier.

  28. Sean
    January 26th, 2015

    Anonymous guy above me: C, E, and F are incorrect. Maybe you were looking at the router config? C- vty lines say login local below them which means username and password E-both transport inputs say ssh F- Wrong because either there’s no 15 there (if you put that exact command in, privilege level will be by default 1 although it does show the level regardless in packet tracer config) OR because answer says cisco (space) user while the config shows ciscouser.

    As far as the banner thing goes:

    Im not sure if im talking out of my ass here, but ive read that cisco has systems to find brain dumps users and maybe one of their systems is putting questions with ridiculous answers that are super technically the correct/best answer. Answers you’d only know if A. you’ve read and gone through every resource available for the exam or B. you’ve done the brain dumps.
    I’m thinking that as far as the banner thing goes, it’s a legality kind of thing which prevails over everything in this world we live in. Yes, more then likely the hacker is intelligent enough to not get caught and yes, the security is so weak that it wouldn’t require much “hacking” to get in. It’s an answer which most people would only pick after going through their options 5 times, not being able to find the most correct 3rd answer.

  29. Anonymous
    January 30th, 2015

    Scored 973 on my test today, but made 88% percent on Device Security. The sim is just little different than shown here. Very debatable section, in my opinion. I would consider a MOTD banner than says “Welcome” to be insecure from my studies. Not sure what they are looking for here.

  30. Russian
    February 5th, 2015

    Русский комментарий))
    Спасибо, 9tut!

  31. Splitcore
    February 15th, 2015

    Hi guys! If someone could be so kind as to email me the latest dumps please? fauriehendrik@gmail.com.
    Good luck all!

  32. Greek Guy!
    February 18th, 2015

    Hey fellas, I took the test 3 times and am going to take it a 4th this or next week. COuld you send me those dumps I’ve been hearing about?

    misterlaxx@hotmail.com

  33. HR
    February 19th, 2015

    I am taking icnd1 exam in two weeks.
    Pls send me latest Dumps
    hazzaz99@yahoo.com

  34. JB
    February 21st, 2015

    Hey Guys im taking ICND1 exam in a week anyone has the latest Dumps pls ? my e-mail is alkebu2lan@gmail.com

  35. Abdelrahman
    February 24th, 2015

    i get it 947 .. thanks 9tut

  36. Gerardo
    February 28th, 2015

    Hi,

    is the banner motd a security threat?? and why??

    Thanks

  37. HR
    March 1st, 2015

    Anonymous

    Banner is insecure, right?

  38. rasari
    March 8th, 2015

    taking ICND1 on 14th pls email latest dumps to rasari03@yahoo|dot|com

  39. Anonymous
    March 8th, 2015

    I was not happy with cisco on th 6 of this month. I was to write but when i was to write the car had a problemso thry called them and they fixed it from there but due to that my exams were pre-terminated and ever my school made calls upon calls but they tranfer calls from one person to another. Till now i dont even know when im to write or whqt to do im so angry with cisco. I dnt think person vue did well after all i went throw to write but could not still write thats bad

  40. tabi
    March 8th, 2015

    I pray person vue makes things to work for me tomorrow cause if they cqnt do anything they should give back

  41. Dubai
    March 10th, 2015

    Hey Guys, I am taking the ICND1 tomorrow here in Dubai. Is anyone can give me some advice about the exam. How many multiple question is there and how many lab sim and security testlet in the exam. Is that accurate that 80 to 90% of the questions is from here in 9tut? How true is that? As in same same question? Thank you for who will answer all my question.

  42. Tica
    March 11th, 2015

    Is it better to take two exams or only one? Opinions
    Thanks

  43. tranceplante
    March 20th, 2015

    I think the exam gives out wrong answers:
    look at this image: http://www.creativeme.ca/screenshot.png

    Cheers

  44. Anonymous
    March 23rd, 2015

    Tomorrow 24-5-2015 is my Exam for CCNA, any advice. Thanks

  45. Ubuntu-Cisco Lover
    March 23rd, 2015

    Hello Guys ,
    Tomorrow 24-5-2015 is my Exam for CCNA, any advice. i am looking for practicing

  46. Ahmed
    March 28th, 2015

    same security lab sim in icnd1 exam (one exception: both the router and switch config have”no login” commands instead of “login” command that is mentioned in the sim). Make sure you understand concept well.

  47. Give Me Some
    April 5th, 2015

    hi there. im just preparing to take the exam this April. Could someone give me the most recent CCNA dumps so it can help me a lot in my exam. 9tut please send it to my email address balsales28@gmail.com

    thanks a lot..

  48. Amine
    April 21st, 2015

    Today I just passed my ICND1 exam 907/1000 thank 9tut almost of questions was there.

  49. Musaddiq
    April 21st, 2015

    Tomorrow is my ICND1 exam, any advice?

  50. Cheryl
    April 28th, 2015

    Hi, Please send dumps for ICND1 only to cheryl.courtney@live.com

    Thank you!

  51. keepo
    May 11th, 2015

    this was on my ICDN 1 test with different numbers but same questions today

  52. Anonymous
    May 18th, 2015

    Hi, Please send dumps for ICND1 only to gmboya12@yahoo.com now

  53. sinnavan
    May 20th, 2015

    very nice site i got 986/1000 still valid

  54. Dan
    May 20th, 2015

    on the security testlet sim with premium.

    “select two options which are security issues which need to be modified before RouterA is used?(choose two)

    Above it says that inappropriate wording in banner message is incorrect but on the sim it says that is the answer.. which doesnt make sense because the banner says nothing that would leak security information. It only says contact the admin.
    Also it says unencrypted weak password is configured to protect privledge mode.. There is indeed an unencrypted password which would make this answer true.. but it does not mark it as correct.. please explain and or fix

  55. Anonymous
    May 27th, 2015

    GET LATEST VCE and PDF Format Dumps here
    100% Valid passing material.

    http://goo.gl/VYwp7H

  56. KingRich
    May 28th, 2015

    Switch Banner is “unsecure” according to Cisco Best Practices – because it contains the device name:

    http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Security/SAFE_RG/SAFE_rg/chap2.html#wp1053122

    “From a security standpoint, rather than a legal, a legal notification banner should not contain any specific information about the device, such as its NAME, model, software, location, operator, or owner because this kind of information may be useful to an attacker.”

  57. Leona2km
    June 7th, 2015

    Hey, I’m struggling a bit here. These answers are different from the ones found on the Testlet this site offers.

    IE.
    This question is not even listed here, but…

    Which of the following is true regarding the configuration of SwitchA?
    A. Only 5 simultaneous remote connections are possible
    B. Only connections from the local network will be possible
    C. Console access to SwitchA requires a password
    D. Remote connections using SSH will require a username and password
    (Tells me the answer should be D)

    The next one was question 3 on here, asking for two answers- it told me the correct answers were B D (while this page says A D)

    The final one was question 4 on here, with the correct answers being A, B, D (while this page says it doesn’t have the correct answers)…

    I guess I am just wondering if the Flash Testlet is correct, or if this page is correct.

  58. Zia
    June 11th, 2015

    Tomorrow i have ICND1 exam @ 1030am

  59. Anonymous
    June 12th, 2015

    I’ve got mine @ 1100am

  60. Rafael
    June 15th, 2015

    15th i have ICND 1 exam pls email latest dumps to rafaspfc@gmail.com

  61. devid-net
    June 17th, 2015

    Passed ICND1 Today(17/06/2015) with a score of 947 . All question From 9tut.net . LABS ( security simlet + OSPF adjacence problems + show config lab ).

  62. Indika
    June 18th, 2015

    Hello All,

    I am Writing My ICND1 Exam next week. Could anyone send me the latest dumps to
    dharmasena.indika@gmail.com

    Thanks and Regards
    Indika

  63. Peekay
    June 22nd, 2015

    am about to take icnd1 exam wish me luck guys…..SCI-BONO

  64. zad
    June 24th, 2015

    Question 1 seems wrong, you can’t have a banner that says welcome, because it will mean a hacker can claim they where not trespassing in court because it said welcome, it should say “..unauthorized access will be prosecuted under the law..”

  65. Maverick
    July 2nd, 2015

    This sim was in exam. Banner thingy is difficult.

Comment pages
1 3 4 5 115
Add a Comment