CCNA: Cisco Certified Network Associate — Question 1293

After a recent security breach and a RADIUS failure, an engineer must secure the console port of each enterprise router with a local username and password.
Which configuration must the engineer apply to accomplish this task?

Answer options

• A. aaa new-model line con 0 password plaintextpassword privilege level 15
• B. aaa new-model aaa authorization exec default local aaa authentication login default radius username localuser privilege 15 secret plaintextpassword
• C. username localuser secret plaintextpassword line con 0 no login local privilege level 15
• D. username localuser secret plaintextpassword line con 0 login authentication default privilege level 15

Correct answer: D

Explanation

The correct answer, D, sets up a local username and password for console access while enabling login authentication, which is essential for security. Option A does not configure username and password authentication; it only sets a password. Option B incorrectly relies on RADIUS instead of local credentials, and option C disables login, which does not meet the requirement for securing the console port.