List five vulnerable Cisco IOS network services, and provide the best practices associated with them. For example, unused interfaces should be disabled.

List five vulnerable Cisco IOS network services, and provide the best practices associated with them. For example, unused interfaces should be disabled.

• Small services such as echo, discard, and chargen should be disabled.
• BOOTP should be disabled.
• Finger should be disabled.
• Hypertext Transfer Protocol (HTTP) should be disabled, and secure HTTPS should be configured (if required).
• Simple Network Management Protocol (SNMP) versions 1 and 2 should be disabled, and SNMPv3 should be configured.
• Cisco Discovery Protocol (CDP) should be disabled unless required.
• Remote configuration should be disabled.
• Source routing should be disabled.
• Classless routing should be disabled.
• no ip directed-broadcast should be configured to stop Smurf attacks.
• no ip proxy-arp should be configured to stop ad hoc routing attacks.

Exam with this question: EWAN v4 Chapter 4 Check Your Understanding: Network Security