List five vulnerable Cisco IOS network services, and provide the best practices associated with them. For example, unused interfaces should be disabled.
- Small services such as echo, discard, and chargen should be disabled.
- BOOTP should be disabled.
- Finger should be disabled.
- Hypertext Transfer Protocol (HTTP) should be disabled, and secure HTTPS should be configured (if required).
- Simple Network Management Protocol (SNMP) versions 1 and 2 should be disabled, and SNMPv3 should be configured.
- Cisco Discovery Protocol (CDP) should be disabled unless required.
- Remote configuration should be disabled.
- Source routing should be disabled.
- Classless routing should be disabled.
- no ip directed-broadcast should be configured to stop Smurf attacks.
- no ip proxy-arp should be configured to stop ad hoc routing attacks.
Exam with this question: EWAN v4 Chapter 4 Check Your Understanding: Network Security
Please login or Register to submit your answer