What will be disabled as a result of the no service password-recovery command?
Get Latest & Actual 640-554 Exam’s Question and Answers from Passleader.
http://www.passleader.com
A. changes to the config-register setting
B. ROMMON
C. password encryption service
D. aaa new-model global configuration command
E. the xmodem privilege EXEC mode command to recover the Cisco IOS image
Correct Answer: B
Explanation/Reference:
Explanation:
http://www.cisco.com/en/US/products/hw/routers/ps274/products_configuration_example09186a0 0801d8113.shtml
Background
ROMMON security is designed not to allow a person with physical access to the router view the configuration file. ROMMON security disables access to the ROMMON, so that a person cannot set the configuration register to ignore the start-up configuration. ROMMON security is enabled when the router is configured with the no service password-recovery command. Caution:
Because password recovery that uses ROMMON security destroys the configuration, it is recommended that you save the router configuration somewhere off the router, such as on a TFTP server.
Risks
If a router is configured with the no service password-recovery command, this disables all access to the ROMMON. If there is no valid Cisco IOS software image in the Flash memory of the router, the user is not able to use the ROMMON XMODEM command in order to load a new Flash image. In order to fix the router, you must get a new Cisco IOS software image on a Flash SIMM, or on a PCMCIA card, for example on the 3600 Series Routers.
In order to minimize this risk, a customer who uses ROMMON security must also use dual Flash bank memory and put a backup Cisco IOS software image in a separate partition.
