Which command would you use to enable password encryption on a Cisco device?

To enable password encryption on a Cisco device, the command "service password-encryption" is used. This command activates the feature that encrypts passwords stored in the device's configuration file, thus enhancing security. When this command is entered in the global configuration mode, the router or switch will automatically encrypt any existing or newly created plaintext passwords, preventing unauthorized users from easily reading them.

This is crucial for maintaining the confidentiality of sensitive information such as user passwords, particularly in environments where multiple administrators may have access to the configuration. The encryption method used by default in this command is relatively simple, with the passwords being obfuscated rather than fully encrypted, but it still serves to deter casual observation.

The other options do not constitute valid Cisco IOS commands for password encryption, which is why they would not achieve the same goal as the correct choice. The syntax and intended use of the command "service password-encryption" is well-defined in Cisco documentation, ensuring that users can trust it to fulfill its intended function effectively.