


Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
A comprehensive overview of essential networking security configurations, including best practices and command examples for cisco devices. It covers topics such as disabling unnecessary services, securing dhcp and arp protocols, and implementing access control measures. Valuable for students and professionals seeking to enhance network security and mitigate potential vulnerabilities.
Typology: Exams
1 / 4
This page cannot be seen from the preview
Don't miss anything!



Do Not Allow Negotiations Commands - ✔✔SW3(config)# int g 1/0/ SW3(config-if)# sw mode access SW3(config-if)# sw access vlan 10 SW3(config-if)# sw nonegotiate SW3(config-if)# no shut SW3(config)#int g 0/ SW3(config-if)# sw mode trunk SW3(config-if)# sw trunk native vlan 50 SW3(config-if)# sw nonegotiate SW3(config-if)# no shut Cisco Discovery Protocol (CDP) - ✔✔Provides a mechanism for the management system to automatically learn about devices connected to the network. Network devices periodically advertise their own information to a multicast address on the network Link Layer Discovery Protocol (LLDP) - ✔✔-Allows interworking between vendor equipment
· Rate-limits DHCP traffic from trusted and untrusted sources. · Builds and maintains a binding database, which contains information about untrusted hosts with leased IP addresses. · Utilizes a binding database to validate subsequent requests from untrusted hosts. Dynamic ARP Inspection (DAI) - ✔✔-Validates ARP packets in a network
R1(config-if)# no ip mask-reply Limit Connection Time Command - ✔✔R1(config)# exec-timeout minutes seconds Retry Count Command - ✔✔R1(config)# ip ssh authentication-retries 3 Timer for Authentication Inactivity Command - ✔✔R1(config)# ip ssh time-out 60