Security Review
How would we set authentication to the console to use the local configured username + password??
How could we configure authentication by telnet to only need a password?
How could we configure user trying to go into enable mode to be autheticated by tacacs and fall back to local?
How could we configure a failed login to generate Sorry Authentication failed?
How do we define tacacs server with a password of cisco which use source int lo0?
how could we authorize the console connections by tacacs then fall back to local?
how could we authorize locally all ip options on interface to user with privelege level 6
How can we use rbac to give a specfic access to a user named EOghan to allow him run all debug commands??
How do you combine rbac access??
how can we do lock out after 3 attempts??
What is quietmode and how can we configure away around it?
how could we get a failure logon every 3 attempts
how could we delay each login attempt by 4 tries to prevent dictionary attacks?
Limit a user named Eoghan so he can only telnet from a router to 1.1.1.1 port 80?
Limit telent sessions inbound to router only from 2.2.2.2?
how would you match even 2 octet out of these 5 address 112.1.0.0 112.2.0.0 112.3.0.0 112.4.0.0 112.4.0.0 112.4.0.0 112.5.0.0?
What are the traceroute udp ports?
What is used path mtu discovery process what message is generated?
What error/return message are generated by icmp?
How can you chance the logging of an access list to log every 4th hit?
How can you stop icmp from sending back unreachable info?
How could you drop traffic if entered a specfic interface and leaving on another sepcfic interface so limit traffic to say enters s0/0 and leaves fa0/0 only?
How can we allow return traffic using reflexive accesslist say icmp?
When denying traffic inbound what must we take into account?
why do we not need to take this into account outbound?
If i ping from a router which has a reflect access list how can i account for this with reflect acl?
I want to give access to http server 1.1.1.1 but only if user authenticated to a router 2.2.2.2 how would i configure?
I want to set so the connection timeout every 15 min?
i want to limit access to the web server 1.1.1.1 from a user in 3.3.3.3 subnet to weekdays 6pm to 9am?
If i have 4 (1 to 4) switches connected in full mesh i want to implement vlan access map to filter where should i implement this??
how could create a vlan access map to allow tcp but deny everything else and apply to vlan 20??
In port security what do we need to watch out for with sub interfaces in different vlans?
How do you set an time out on port security enteries??
How do you set port security mode whether it shutdown port etc?
Which action logs and which action does not log when port-security rejects?
How can we configure auto recover for port security shutdown ports?
Where do you enable dhcp snooping trust?
How can we protect dhcp database again reboot??
How could i limit request on a non trusted port?
What does dhcp snooping do with giaddr?
what issues does it cause and how can we resolve?
How do we put a static entry for 150.1.1.1 to mac 000d.2fee.bcef.0000 in arp inspection and when would we do this?
how do we enable arp inspection and include the static entry?
What is ip source guard for?
How do we create a static entry for 150.2.2.2 in ip source guard?
how do we enable ip source guard?
On layer 2 port appy a filter to int gi1/0/1 only allow ethertype 0x806 and icmp?
what is the command to put a port under 802.1x control at interface mode and at global config mode?
how would set 802.1x to send request to radius server?
how could we limit icmp to 100 pps in CPP?
what the differences between cpp and cppr?
What are the 3 interfaces CPR?
How could we match all closed ports with CPPR?
What is notable about routing protocols and ports?
How could we apply que limit to http of 50?
is there a way of globally not allowing ip options?
How could we interface level disallow ip source routing?
using nbar match any http request which end .pfd or .txt and drop?
What is the difference between URPF strict and loose mode?
Why would we use loose?
what the command to configure each?
What modes are in tcp intercept + how do they difffer?
how could you configure a passive mode to limit icomplete connections to 100 if they drop below 80 reallow?
Also set connection timeout?
how could allow return traffic for ftp using cbac what is special about ftp that reflexive would not work?
How can we set a global setting for CBAC for dns timeout 10 seconds compared to interface specfic??
How would account for custom ports in cbac say 8008 for internet ?
How do we apply a cbac to an interface?
how do you define secuirty zone and inside zone?
how could we allow return traffic zbfw?
how do we assign an interface to a zone?
can inside speak to outside by default?
can outside speak to inside by default ?
how would we allow outside transit traffic into inside?
How do apply a parameter map + what is it?
why would we need a key for cisco ips defentions?
what if the key was on another router how could we copy it accoss?
how could we limit ips to check traffic to host 5.5.5.5
how could we tell ips to syslog violations
how could we disable all signatures + why would we do this?
how can we enable individual signature
how do we apply to interface ips
how do you copy a .pkg into your ips database?
how can we make event action in ips?
if all host are in vlan 20 which is isolated can they communicate to each other?
if all host are in vlan 30 which is communtity can they speak to each other + can they speak to communtiy vlan 40?
how would assign primary vlan?
how can you configure the above vlan 10 the primary port?
what is limit with protected ports?
when unkown traffic comes in will it floood out on protect port + could another protected recieve how do we get around this
problem?
how do you cofigure storm control to lime unicast to 80 percent of the bw ??
Nice Article! Thanks for sharing with us.
ReplyDeleteBasic IP Traffic Management with Access lists