Which two are the limitations of the service password-encryption command? (Choose two.)
A.
It uses the MD5 algorithm for password hashing.
B.
It uses the Vigenere cipher algorithm.
C.
An observer cannot read the password when looking at the administrator’s screen.
D.
The algorithm used by this command cannot protect the configuration files against detailed analysis by
attackers.
Explanation:
The following are limitations of the service password-encryption command:
It uses the Vigenere cipher algorithm, which is simple in nature.
A cryptographer can easily crack the algorithm in a few hours.
The algorithm used by this command cannot protect the configuration files against detailed analysis by
attackers.
The service password-encryption command does not use the MD5 algorithm for password hashing. The MD5
algorithm is used by the enable secret command.
The option stating that an observer cannot read the password when looking at the administrator’s screen is
incorrect because this is an advantage of the service password-encryption command.
Objective:
Infrastructure Security
Sub-Objective:
Configure, verify, and troubleshoot basic device hardeningCisco Documentation > Cisco IOS Security Command Reference, Release 12.4 > service password-encryption
Cisco > Tech Notes > Cisco Guide to Harden Cisco IOS Devices > Document ID: 13608