Scribd Logo
Upload

Welcome to Scribd!

  • CCNAv2 Chapter 05

    Uploaded by

    Linux Hamza
    9 views18 pages
    This chapter discusses securing network devices and remote access. It covers configuring passwords for devices using encryption algorithms like MD5 and SHA-256. Commands are shown for setting enable and username secrets. The role of next-generation firewalls and IPS is explained, including using them to control access and allow or prevent connections. Firewalls can be used to create security zones like a DMZ. IPS works with signature databases to detect threats. Next-generation firewalls can include IPS modules.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This chapter discusses securing network devices and remote access. It covers configuring passwords for devices using encryption algorithms like MD5 and SHA-256. Commands are shown for setting enable and username secrets. The role of next-generation firewalls and IPS is explained, including using them to control access and allow or prevent connections. Firewalls can be used to create security zones like a DMZ. IPS works with signature databases to detect threats. Next-generation firewalls can include IPS modules.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    9 views18 pages

    CCNAv2 Chapter 05

    Uploaded by

    Linux Hamza
    This chapter discusses securing network devices and remote access. It covers configuring passwords for devices using encryption algorithms like MD5 and SHA-256. Commands are shown for setting enable and username secrets. The role of next-generation firewalls and IPS is explained, including using them to control access and allow or prevent connections. Firewalls can be used to create security zones like a DMZ. IPS works with signature databases to detect threats. Next-generation firewalls can include IPS modules.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 18

    CCNA 200-301, Volume 2

    Chapter 5
    Securing Network Devices
    Objectives
    • Explain the Role of Network Components
    ▫ Next-generation firewalls and IPS
    • Configure network devices for remote access
    using SSH
    • Configure device access control using local
    passwords
    Example Login Security Configuration
    Encryption and the service password-encryption
    Command
    Encryption Is Immediate; Decryption Awaits
    Next Password Change
    One-Way Nature of MD5 Hash to Create
    Secret
    Creation of the enable secret Command
    Timeline of Encryptions/Hashes of Cisco IOS
    Passwords
    Commands and Encoding Types for the enable
    secret Command

    Command Type Algorithm


    enable [algorithm-type md5] secret password 5 MD5
    enable algorithm-type sha256 secret password 8 SHA-256
    enable algorithm-type scrypt secret password 9 SHA-256
    Cisco IOS Encoding Password “mypass1” as
    Type 9 (SHA-256)
    Commands and Encoding Types for the
    username secret Command

    Command Type Algorithm


    username name [algorithm-type md5] secret 5 MD5
    password
    username name algorithm-type sha256 secret 8 SHA-256
    password
    username name algorithm-type scrypt secret 9 SHA-256
    password
    vty Access Control Using the access-class
    Command
    Firewall as Positioned in the Packet
    Forwarding Path
    Allowing Outbound Connections and
    Preventing Inbound Connections
    Using Security Zones with Firewalls
    Using a DMZ for Enterprise Servers That Need to Be Accessible
    from the
    Internet
    IPS and Signature Database
    Next-Generation Firewall with Next-Generation
    IPS Module

    You might also like