Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 412

A vulnerability assessment highlighted that remote access to the switches is permitted using unsecure and unencrypted protocols. Which configuration must be applied to allow only secure and reliable remote access for device administration?

Answer options

• A. line vty 0 15 login local transport input all
• B. line vty 0 15 login local transport input ssh
• C. line vty 0 15 login local transport input telnet ssh
• D. line vty 0 15 login local transport input none

Correct answer: B

Explanation

The correct answer is B because configuring 'transport input ssh' ensures that only SSH, which is a secure protocol, is allowed for remote access to the switches. Option A allows all protocols, including insecure ones, while C still permits Telnet, which is unencrypted. Option D blocks all remote access, which is not suitable for administration.