Refer to the exhibit.
What does the option secret 5 in the username global configuration mode command indicate
about the user password?
A.
It is hashed using SHA.
B.
It is encrypted using DH group 5.
C.
It is hashed using MD5.
D.
It is encrypted using the service password-encryption command.
E.
It is hashed using a proprietary Cisco hashing algorithm.
F.
It is encrypted using a proprietary Cisco encryption algorithm.
Explanation:
Feature Overview
Using the Enhanced Password Security feature, you can configure MD5 encryption for username
passwords.
Before the introduction of this feature there were two types of passwords associated with
usernames. Type 0 is a clear text password visible to any user who has access to privileged mode
on the router. Type 7 is a password with a weak, exclusive-or type encryption. Type 7 passwords
can be retrieved from the encrypted text by using publicly available tools.
MD5 encryption is a one-way hash function that makes reversal of an encrypted password
impossible, providing strong encryption protection. Using MD5 encryption, you cannot retrieve
clear text passwords. MD5 encrypted passwords cannot be used with protocols that require that
the clear text password be retrievable, such as Challenge Handshake Authentication Protocol
(CHAP).
Use the username (secret) command to configure a user name and an associated MD5 encrypted
secret.
Configuring Enhanced Security Password
Router(config)# username name secret 0 password
Configures a username and encrypts a clear text password with MD5 encryption.
or
Router(config)# username name secret 5 encrypted-secret
Configures a username and enters an MD5 encrypted text string which is stored as the MD5
encrypted password for the specified username.
Reference: http://www.cisco.com/en/US/docs/ios/12_0s/feature/guide/120s_md5.html