Last Updated on August 7, 2021 by Admin 3
Which Cisco command keeps unauthorized users from viewing passwords in the router configuration file?
- enable secret
- enable password
- enable encryption
- service encryption
- service password-encryption
The service password-encryption global configuration mode command keeps unauthorized users from viewing passwords in the router configuration file. The service password-encryption command encrypts all current and future passwords configured on the router, including the line password, virtual terminal password, console password, user name password, routing protocol passwords such as BGP neighbor passwords, the privileged command password, and authentication key passwords. Moreover, it encrypts any future passwords created on the router.
The encryption process occurs whenever the current configuration is built or a password is configured. The service password-encryption command will cause the router configuration file to display encrypted characters instead of passwords when the running-configuration or startup-configuration files are viewed.
The enable password command creates a password that will be required to enter privileged EXEC mode, but the password will not be encrypted.
The enable secret command provides encryption to the enable mode passwords but does not apply globally to all passwords configured on the router. It also does not encrypt any future passwords created on the router.
The enable encryption and service encryption commands are invalid.
Configure, verify, and troubleshoot basic device hardening