Term
- security passwords min-length
- exec-timeout
- service password-encryption
|
|
Definition
| commands to increase password security |
|
|
Term
| Things to do to secure administrative access to routers |
|
Definition
- Restrict device accessibility
- Log and account for all access
- Authenticate access
- Authorize actions
- Present legal notification
- Ensure the confidentiality of data
|
|
|
Term
| service password-encryption |
|
Definition
| This command hashes current and future plaintext passwords in the configuration file into an encrypted ciphertext |
|
|
Term
- username name password password
- username name secret password
|
|
Definition
| two methods of configuring local username accounts |
|
|
Term
- Implement delays between successive login attempts.
- Enable login shutdown if DoS attacks are suspected.
- Generate system-logging messages for login detection.
|
|
Definition
| Virtual Login Security Enhancements |
|
|
Term
|
Definition
| a network device can be configured to react to repeated failed login attempts by refusing further connection requests (login blocking). This block can be configured for a period of time |
|
|
Term
| login block-for quiet mode |
|
Definition
| If the number of failed logins exceeds the configured threshold, all login attempts using Telnet, SSH, and HTTP are denied. |
|
|
Term
| login block-for normal mode |
|
Definition
| The router keeps count of the number of failed login attempts within an identified amount of time |
|
|
Term
|
Definition
| Use these to present legal notification to potential intruders to inform them that they are not welcome on a network. |
|
|
Term
Step 1: Configure IP domain name
Step 2: Generate secret one-way secret RSA keys
Step 3: Create a local database username entry
Step 4: Enable vty inbound SSH sessions |
|
Definition
|
|
Term
|
Definition
| use this command to display information about the view that the user is currently in. |
|
|
Term
|
Definition
configuration and image files can be copied securely to another device using this
Provides a secure and authenticated method for copying router configuration or router image files between devices using SSH |
|
|
Term
| Cisco IOS Resilient Configuration |
|
Definition
| enables a router to secure and maintain a working copy of the running image and configuration files. |
|
|
Term
|
Definition
| Information flows within a network on which no production traffic resides |
|
|
Term
|
Definition
| Information flows across the enterprise production network or the Internet (or both) |
|
|
Term
|
Definition
| A host that accepts and processes log messages from one or more clients |
|
|
Term
|
Definition
- A host that generates log messages and forwards them to a server.
- Routers, switches, PIXs, ASAs, APs, servers...
|
|
|
Term
|
Definition
| the most practical method for viewing logging events in real time |
|
|
Term
|
Definition
| is a single privileged EXEC program that allows elimination of many potential security threats quickly and easily |
|
|
Term
- interactive
- noninteractive
|
|
Definition
|
|
