Appendix  ■   Answers to Practice Test Questions  93

Appendix 

  Answers to Practice Test Questions

crypto key generate rsa will generate the encryption keys for SSH. 

You will be asked for the key strength, called the modulus, which should be over 768 

bits to support SSH version 2, or you can supply the modulus with the full command 

of 

crypto key generate rsa modulus 2048. The command generate crypto 

configuration prompt is incorrect. The command 

crypto key generate rsa entered in 

privilege exec mode is incorrect.

switch or router, you will need to configure the line(s) that will use local authentication. 

The command used inside of the line is 

login local. This will apply to all the transport 

methods configured on the line. The command 

new aaa model is incorrect. The 

command 

local authentication entered in global configuration mode is incorrect. The 

command 

local authentication entered in the config-line prompt is incorrect.

The MOTD banner will be displayed when a user logs in locally. After a user logs in, the 

exec banner or incoming banner will be displayed.

 96.  C.  The command 

copy tftp: running-config will ask for the TFTP server address, 

source filename, and destination filename. It will then proceed to copy the file over the 

network from the TFTP server. The command 

archive tftp: running-config is 

incorrect. The command 

restore tftp://192.168.1.2 running-config is incorrect. 

The command 

copy server: running-config is incorrect.

 97.  A.  The command 

copy tftp flash will begin an interactive upgrade dialog. The dialog 

will ask for the IP address of the TFTP server, the source filename on the TFTP server, 

and the destination filename. It will then begin transferring the image. The command 

copy tftp ios is incorrect. The command copy tftp nvram is incorrect. The command 

upgrade tftp flash is incorrect.

boot system c2900-universalk9-mz.SPA.151-4.M4.bin 

tftp://192.168.1.2 will configure the router for booting of the image named c2900-

universalk9-mz.SPA.151-4.M4.bin from the 192.168.1.2 TFTP server. Under normal 

circumstances, this should not be used in production environments since the router 

boot process is dependent upon the availability of the TFTP server. The command 

boot tftp://192.168.1.2 is incorrect. The command boot tftp://192.168.1.2 

c2900-universalk9-mz.SPA.151-4.M4.bin is incorrect. The command boot system 

tftp://192.168.1.2 c2900-universalk9-mz.SPA.151-4.M4.bin is incorrect.

 99.  B.  The IOS is stored on the flash card. Since the flash card is brand-new, nothing is on 

it. When the router boots, it will not find the IOS and will boot into ROMMON mode. 

From ROMMON mode, you will configure an IP address, subnet mask, gateway, TFTP 

server, and image and initiate a TFTP download to flash. Once the IOS is downloaded to 

flash memory, you can boot the router and verify operations. New flash memory will not 

contain a mini-IOS installed from the factory. You cannot format the flash card with the 

FAT file system, as the IOS requires its own file system to be formatted.

Chapter 5: Security Fundamentals (Domain 5) 

Download 8,04 Mb.

Do'stlaringiz bilan baham: