Network Security FAQ: Router Security
Q1. Give two commands to configure an enable password on a router.
Q2. Name three services that are running on a router that should be turned off if they are not used.
Q3: Name the different types of access lists that can be used.
Answer: The different types of access lists that can be used include the following:
- Standard numbered access list
- Standard named access list
- Extended numbered access list
- Extended named access list
Q4. What are dynamic access lists?
Q5. What is CBAC used for when it is configured on a router?
Q6. List five tasks to configure CBAC.
Answer: Tasks to configure CBAC include the following:
- Pick an interface: internal or external.
- Configure an IP access list on that interface.
- Configure global timeouts and thresholds.
- Define an inspection rule.
- Apply the inspection rule to an interface.
- Configure logging and audit trail.
Q7. What does the ip inspect max-incomplete high command do?
Q8. Give three different types of enhanced access lists.
Answer: Three different types of enhanced access lists are as follows:
- Dynamic access lists
- Time-based access lists
- Reflexive access lists
Q9. What can be filtered with reflexive access lists?
Q10. How can reflexive access lists be defined?