PrepAway - Latest Free Exam Questions & Answers

Which of the following statements is true regarding the…

Which of the following statements is true regarding the primary bootset when the Cisco IOS Resilient
Configuration feature is enabled? (Select the best answer.)

PrepAway - Latest Free Exam Questions & Answers

A.
The configuration file can be secured on a TFTP server, but the system image must be secured on local
storage.

B.
The system image can be secured on a TFTP server, but the configuration file must be secured on local
storage.

C.
The configuration file and the system image must both be secured on local storage.

D.
The configuration file and the system image must both be secured on remote storage.

Explanation:
The configuration file and the system image must both be secured on local storage when the Cisco IOS
Resilient Configuration feature is enabled. The Resilient Configuration feature is designed to protect system
and configuration files from tampering and accidental deletion. You can issue the following block of commands
to enable the Resilient Configuration feature:
Router#configure terminal
Router(config)#secure bootimage
Router(config)#secure bootconfig
When the feature is enabled, the primary system image file and associated running configuration are securely
archived in local persistent storage? you cannot select a remote storage location. The secure bootimage
command enables the image resilience component of the Resilient Configuration feature and effectively hidesthe system image from the directory structure. This means that the system image will no longer be displayed
when the dir command is issued from the command prompt of an EXEC shell. In addition, because the system
image file is not copied to a secure location, extra storage is not required to secure it. By contrast, the secure
bootconfig command creates a hidden copy of the running configuration file. The secured versions of the
system image and running configuration are referred to as the primary bootset.
You can restore either or both components of the primary bootset at any time. The system image can be
restored from readonly memory (ROM) monitor (ROMmon) mode and the running configuration can be
restored from the global configuration mode by using the restore parameter of the secure bootconfig command.
Once the system image and running configuration have been secured, the router will track version mismatches
and produce a console message if the system image or running configuration have mismatched versions. Once
the Resilient Configuration feature is enabled, it can only be disabled from the console.

Cisco: Cisco IOS Resilient Configuration: Feature Design of Cisco IOS Resilient ConfigurationCategory: Secure
Routing and Switching


Leave a Reply