Cisco Certified Network Associate (CCNA) Practice Exam 2026 - Free CCNA Practice Questions and Study Guide

The command that encrypts all plaintext passwords in Cisco IOS is the command to activate password encryption services. By entering "service password-encryption", you enable a feature that secures all plaintext passwords stored in the configuration file, thus preventing them from being easily readable.

This command ensures that any new passwords configured in the router, including console, VTY, and enable passwords, are automatically encrypted and stored in a less vulnerable format. While this does not offer strong encryption, it does add a layer of security by obfuscating the passwords to prevent casual observation.

Other options may reference specific aspects of password handling but do not provide the same functionality for encrypting all plaintext passwords in the configuration. For instance, the "enable secret" command is specifically used to create an encrypted password for privileged EXEC mode but does not affect other types of passwords. Similarly, the commands "encrypt passwords" and "security password-encryption" do not exist or are not valid commands in Cisco IOS for the purpose of encrypting all plaintext passwords. Thus, activating the password encryption service is the most suitable and comprehensive approach to securing the passwords in the configuration file.