The Securing the Management Plane on Cisco Routers module provides you with the instructions and Cisco hardware to develop your hands-on skills in the following topics:
- Securing in-band remote management access using SSH
- Comparing in-band and out-of-band management methods
- Configuring custom privilege levels and views
- Securing the IOS image file and configuring key network services
The following exam objectives are covered in this lab:
- CS0-001 1.3: Given a network-based threat, implement or recommend the appropriate response and countermeasure
- CS0-001 3.4: Given a scenario, analyze common symptoms to select the best course of action to support incident response
- CS0-001 4.2: Given a scenario, use data to recommend remediation of security issues related to identity and access management
- CS0-001 4.3: Given a scenario, review security architecture and make recommendations to implement compensating controls
Exercise 1 - Securing In-Band Remote Access using SSH
In today’s security conscious world, it’s important that access to your infrastructure devices are as secure as they can be. One of the elements of this security is using secure protocols to access your network infrastructure remotely.
In this module, you will secure remote access to a Cisco router by enabling SSH and by disabling insecure protocols such as Telnet. This access will be achieved using in-band management channels. You will then compare the functionality of in-band and out-of-band management configurations.
Exercise 2 - Configuring Custom Privilege Levels and Views
In this exercise, you will configure custom privilege levels and parser views on NYEDGE1. This will enable you to setup different users with different privileges.
Exercise 3 - Cisco IOS and Key Network Services
In this module, you will learn how to configure NTP, how to secure the Cisco IOS image from being deleted and how to configure a syslog server.
See the full benefits of our immersive learning experience with interactive courses and guided career paths.