Home > Router Questions

Router Questions

August 7th, 2017 in ROUTE 300-101 Go to comments

Question 1

Explanation

To determine which scheme has been used to encrypt a specific password, check the digit preceding the encrypted string in the configuration file. If that digit is a 7, the password has been encrypted using the weak algorithm. If the digit is a 5, the password has been hashed using the stronger MD5 algorithm.

For example, in the configuration command:

enable secret 5 $1$iUjJ$cDZ03KKGh7mHfX2RSbDqP.

The enable secret has been hashed with MD5, whereas in the command:

username jdoe password 7 07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D

The password has been encrypted using the weak reversible algorithm.

When we enter the “enable secret” command with a number after that, the IOS can specify that the password has been encrypted so it will not encrypt any more and accept that password.

In new Cisco IOS (v15+), it seems the device does not recognize “enable secret 7” command as encrypted password. We tried on Cisco IOS v15.4 and see this:

enable_secret.jpg

When we tried to enter the command “enable secret 7 07362E590E1B1C041B1E124C0A2F2E206832752E1A01134D”, the Cisco IOS automatically change the command to “enable secret 5 $1$dLq2$qgzb4bgdsasX8dx1oHOkD.” (in the running-config file). So if you paste an “enable secret 7 …” command from an old Cisco IOS version, you cannot login any more with your password.

Note: In fact, there is an error with the answer D. As we entered the command in answer D, the router denied the encrypted password because it was not a valid encrypted secret password. That means the router also checked if the password was hashed correctly or not. But it is the best answer in this question.

enable_secret_error.jpg

Question 2

Explanation

Excessive debugs to the console port of a router can cause the router to hang. This is because the router automatically prioritizes console output ahead of other router functions. Hence if the router is processing a large debug output to the console port, it may hang. Hence, if the debug output is excessive use the vty (telnet) ports or the log buffers to obtain your debugs.

Note: By default, logging is enabled on the console port. Hence, the console port always processes debug output even if you are actually using some other port or method (such as Aux, vty or buffer) to capture the output. Hence, Cisco recommends that, under normal operating conditions, you have the no logging console command enabled at all times and use other methods to capture debugs.

To enable logging logging on your virtual terminal connection (telnet), use the “terminal monitor” command under Privileged mode (Router#)

Reference: http://www.cisco.com/c/en/us/support/docs/dial-access/integrated-services-digital-networks-isdn-channel-associated-signaling-cas/10374-debug.html

Question 3

Explanation

Per-packet load-balancing means that the router sends one packet for destination1 over the first path, the second packet for (the same) destination1 over the second path, and so on. Per-packet load balancing guarantees equal load across all links. However, there is potential that the packets may arrive out of order at the destination because differential delay may exist within the network -> Answer D is correct.

When searching the routing table, the router looks for the longest match for the destination IP address prefix. This is done at “process level” (known as process switching), which means that the lookup is considered as just another process queued among other CPU processes

Interrupt-level switching means that when a packet arrives, an interrupt is triggered which causes the CPU to postpone other tasks in order to handle that packet.

In general, process switching is faster then interrupt-level switching and can cause out-of-order packets.

Question 4

Explanation

The command “debug condition interface <interface>” command is used to disable debugging messages for all interfaces except the specified interface so in this case the debug output will be shown on Fa0/1 interface only.

Note: If in this question there was another “debug condition interface fa0/0” command configured then the answer should be C (both interfaces will show debugging ouput).

Question 5

Explanation

There are a few simple steps you can follow to ensure your VTY lines are as secure as possible. The easiest way is to enable username / password authentication. Other ways are to include an access-list to prevent unwanted IP addresses from connecting and use SSH to encrypt the traffic connecting to the device.

Question 6

Explanation

An Integrated Services Router(ISR) router can be implemented an Ethernet Switch Module to perform both IP routing and inter-VLAN routing. With this module, an ISR router will contain interface vlan configurations.

Comments
  1. Elv
    August 3rd, 2017

    where are the questions for this one?

  2. sleepyhead
    August 8th, 2017

    @Elv
    Questions are only available for Premium Members.

  3. RD
    August 15th, 2017

    Q6: why is the answer D? I can also have vlan interfaces without the Ethernet switch module installed. The only real reason for having the L3 vlan interfaces is inter-vlan routing. So the correct answer should be A… Anyone any other thoughts?

  4. anu
    August 16th, 2017

    Under which circumstance will a branch ISR router contain interface vlan configurations?
    A. performing inter-VLAN routing
    B. performing 802.1Q trunking
    C. performing ISL trunking
    D. Ethernet Switch Module installed
    E. ADSL WIC installed
    F. running Call Manager Express

    Whats the correct ans for this A or D?

  5. Anonymous
    August 22nd, 2017
  6. Anonymous
    August 22nd, 2017

    I wonder what all the people here are asking for these materials.

  7. Anonymous
    August 23rd, 2017

    I think the answer to Question : Under which circumstance will a branch ISR router contain interface vlan configurations?
    Answer A

  8. Anonymous
    August 25th, 2017

    Routers do not care about VLANs unless they have an etherswitch module. Remember Router-on-a-stick???

  9. poponim
    August 28th, 2017

    Have you taken any exams recently?
    I’m still anxious to go to the test with 434 Q.

  10. Steffy
    August 28th, 2017

    Hello, for latest valid dump with continuous update, please contact me at steffyshirls @ gmail .com

  11. Anonymous
    September 21st, 2017

    Hello, could you send me the latest dumps and crack gns please?
    pinkmanreis@ g m a i l . c o m

  12. Heisenberg
    September 28th, 2017

    Hey Can anybody tell me where can i find the questions? I can find the answers here on this web site however i could not find the question for them. Kindly help to find them

  13. Little_Ant
    September 29th, 2017

    Can someone shoot me the IT-Libraries Dumps, please? ajmchie at hotmail dot com. Thank you!

  14. mslahore1
    October 1st, 2017

    any need 470Q send me email on mslahore1 at gmail dot com

  15. teeny
    October 4th, 2017

    Hy I can get this latest presentation of 300-101 Exam. I think its too good for preparation. I want to share with you. https://www.dropbox.com/s/a5mqy3jvfkugsfd/Get%20Latest%20300-101%20Dumps%20To%20Pass%20Cisco%20Exam%20in%2024%20Hours.pdf?dl=0

  16. 1WAY
    October 7th, 2017

    Q3. Answers are correct but the explanation seems a little off. I would have thought ‘Interrupt switching’ was faster than ‘Process Switching’.

    See last paragraph:

    https://www.cisco.com/c/en/us/support/docs/ip/express-forwarding-cef/13706-20.html

  17. Anonymous
    October 12th, 2017

    Can anyone send me the latest dump to questionmaster34 @ outlook dot com
    Thank you in advance!

  1. No trackbacks yet.