You have been asked to enable the Cisco IOS Resilient Configuration feature on a Cisco router. You issue thefollowing commands on the router:
Router#configure terminal
Router(config)#secure boot-image
Which of the following commands are you most likely to issue next to complete the configuration? (Select the
best answer.)
A.
reload
B.
confreg 0x2102
C.
secure boot-config
D.
secure boot-config restore
Explanation:
Most likely, you will next issue the secure boot-config command if you are enabling the Cisco IOS Resilient
Configuration feature on a Cisco router. The Resilient Configuration feature is designed to protect system and
configuration files from tampering and accidental deletion. You can issue the following block of commands to
enable the Resilient Configuration feature:
Router#configure terminal
Router(config)#secure boot-image
Router(config)#secure boot-config
When the feature is enabled, the primary system image file and associated running configuration are securely
archived in local persistent storage? you cannot select a remote storage location. The secure boot-image
command enables the image resilience component of the Resilient Configuration feature and effectively hides
the system image from the directory structure. This means that the system image will no longer be displayed
when the dir command is issued from the command prompt of an EXEC shell? you can issue the show secure
bootset command to verify that the system image has been archived. In addition, because the system image
file is not copied to a secure location, extra storage is not required to secure it. By contrast, the secure
bootconfig command creates a hidden copy of the running configuration file. The secured versions of the
system image and running configuration are referred to as the primary bootset.
Once the system image and running configuration have been secured, the router will track version mismatches
and produce a console message if the system image or running configuration have mismatched versions. Once
the Resilient Configuration feature is enabled, it can only be disabled from the console.
You would not issue the confreg 0x2102 command. The confreg 0x2102 command configures the router to
load an IOS image from flash memory. This is the factory default setting on a Cisco router. You would not issue
the secure boot-config restore command. You would issue the secure boot-config restore filename command,
where filename is the filesystem and file name under which you want to save the restored file, only if you were
attempting to recover the hidden running configuration. The secure boot-config command should be issued
from global configuration mode.
You would not issue the reload command. The reload command reloads the startup configuration into the
running configuration. Issuing the reload command is not required to enable the Cisco IOS Resilient
Configuration feature.Cisco: Cisco IOS Resilient Configuration: Feature Design of Cisco IOS Resilient Configuration