Custom Search
|
|
Cisco Ccna (640-553) Security Exam Training: Using The “auto Secure” Command
Network administrators (like you) use the “auto secure” command to secure the management and forwarding planes of a router. Another way of saying it is, CCNAs use this command to secure a router by disabling common IP services which can be exploited by attackers to initiate network attacks. When the command is typed on a router, it takes the user (ccna) thru a command line-interface (CLI) semi-interactive session (which is also known as the AutoSecure dialogue). Below is the command’s syntax: auto secure [management | forwarding] [no-interact | full] [ntp | login | ssh | firewall | tcp-intercept] As you can see, the command can use several “optional” keywords: management – This (optional) keyword is used to only secure the management plane of a router. forwarding – This (optional) keyword is used to only secure the forwarding plane of a router. no-interact – A CCNA uses this (optional) keyword if he or she doesn’t want to be prompted for any interactive configurations. (If this optional keyword is not used, the user will be shown the noninteractive configuration and the interactive configurations) full – This (optional) keyword is used to indicate that the user (ccna) wants to be prompted for all interactive questions. (If this optional keyword is not used, the router will behave this way by default) ntp – This optional keyword is used to specify the configuration of the Network Time Protocol (NTP) feature in the AutoSecure command line-interface (CLI). login – This (optional) keyword is used to specify the configuration of the Login feature in the AutoSecure CLI. ssh – This (optional) keyword is used to specify the configuration of the Secure Shell (SSH) feature in the AutoSecure CLI. firewall – This (optional) keyword is used to specify the configuration of the firewall feature in the AutoSecure CLI. tcp-intercept – And, this (optional) keyword is used to specify the configuration of the TCP-Intercept feature in the AutoSecure CLI. Below is an example of the command being used: Router>enable Router#auto secure --- AutoSecure Configuration --- *** AutoSecure configuration enhances the security of the router, but it will not make it absolutely resistant to all security attacks *** AutoSecure will modify the configuration of your device. All configuration changes will be shown. For a detailed explanation of how the configuration changes enhance security and any possible side effects, please refer to Cisco.com for Autosecure documentation. At any prompt you may enter '?' for help. Use ctrl-c to abort this session at any prompt. As you can see, once the command is typed into the router, the user (ccna) is informed about the CLI semi-interactive session. Well, I would like to go on and on explaining this command in greater detail, but to do so would make this article extremely lengthy. But, if you decide to use this command to harden your router(s), make sure your router(s) is running Cisco IOS 12.3(4)T or higher. I hope this article was very informative and helped you quickly understand the usage of the auto secure command. If you need to learn more; I suggest you visit my website, were you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques. To your success, Article Directory: http://www.articledashboard.com Charles Ross, CCNP #CSCO10444244 is the owner of Ittechtips.com; where you'll find free comprehensive information and videos on how to pass the CCNA (640-553) security exam. Sign-Up for "100 Free Videos" and, also learn more about the new "Cisco CCNA (640-553) Video Accelerated Training Course" at his website. www.ittechtips.com |
|