What will be disabled as a result of the no service password-recovery command?

What will be disabled as a result of the no service password-recovery command?

What will be disabled as a result of the no service password-recovery command?

A.
changes to the config-register setting

B.
ROMMON

C.
password encryption service

D.
aaa new-model global configuration command

E.
the xmodem privilege EXEC mode command to recover the Cisco IOS image

Explanation:
http://www.cisco.com/en/US/products/hw/routers/ps274/products_configuration_example09186a
00801d8113.shtml
Background
ROMMON security is designed not to allow a person with physical access to the router view the
configuration file. ROMMON security disables access to the ROMMON, so that a person cannot set
the configuration register to ignore the start-up configuration. ROMMON security is enabled when
the router is configured with the no service password-recovery command.
Caution: Because password recovery that uses ROMMON security destroys the configuration, it is
recommended that you save the router configuration somewhere off the router, such as on a TFTP
server.
Risks
If a router is configured with the no service password-recovery command, this disables all access to
the ROMMON. If there is no valid Cisco IOS software image in the Flash memory of the router, the
user is not able to use the ROMMON XMODEM command in order to load a new Flash image. In
order to fix the router, you must get a new Cisco IOS software image on a Flash SIMM, or on a
PCMCIA card, for example on the 3600 Series Routers.
In order to minimize this risk, a customer who uses ROMMON security must also use dual Flash bank
memory and put a backup Cisco IOS software image in a separate partition.



Leave a Reply 0

Your email address will not be published. Required fields are marked *