What will happen if you try to recover the password on the Cisco IPS 4200 Series appliance on which password recovery is disabled?
A.
The GRUB menu will be disabled.
B.
The ROM monitor command to reset the password will be disabled.
C.
The password recovery process will proceed with no errors or warnings; however, the password is not reset.
D.
The Cisco IPS appliance will reboot immediately.
Explanation:
http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_troubleshooting.ht ml#wp1139544
If you try to recover the password on a sensor on which password recovery is disabled, the process proceeds with no errors or warnings; however, the password is
not reset. If you cannot log in to the sensor because you have forgotten the password, and password recovery is set to disabled, you must reimage your sensor.
You have the ability to disable password recovery if required (it is enabled by default). Follow these steps to disable password recovery from the CLI:
Step 1. Log in to the CLI using administrative privileges. Step 2. Enter global configuration mode followed by host mode:
sensor# configure terminal
sensor(config)# service host
Step 3. Disable password recovery:
sensor(config-host)# password-recovery disallowed
Note: If an admin/user tries to recover the password on a sensor that is disabled, the process proceeds with no errors or warnings; however, the password is not
reset. Follow these steps to disable password recovery from the Cisco IDM:
Step 1. Log in to the Cisco IDM using administrative privileges. Step 2. Navigate to Configuration > Sensor Setup > Network. Step 3. Disable password recovery bydeselecting the Allow Password Recovery check box.