Follow me on Twitter:
https://twitter.com/CCNADailyTIPS
My strategy to pass CCNA Security in 6 MONTHS:
https://www.youtube.com/watch?v=TRqDGTBsPM4
Video 1:
https://www.youtube.com/watch?v=loUUWQRTzlQ
Video 2:
https://www.youtube.com/watch?v=qv-mm9m0-QU
Video 3:
https://www.youtube.com/watch?v=LKhP2NkYfP8
Video 4:
https://youtu.be/NK7uaqr2fgM
Video 5:
https://youtu.be/FBCfrWImz2E
Video 6:
https://youtu.be/kb7lgscxt4A
Video 7:
https://youtu.be/av381O7mEVA
AutoSecure
The AutoSecure feature secures a router by using a single CLI command to disable common IP services that can be exploited for network attacks, enable IP services and features that can aid in the defense of a network when under attack, and simplify and harden the security configuration of the router.
AutoSecure enhances secure access to the router by configuring a required minimum password length to eliminate common passwords that can be common on many networks, such as “lab” and “company name.” Syslog messages are generated after the number of unsuccessful attempts exceeds the configured threshold.
R1(config)#Secure boot-img
This command enables or disables the securing of the running Cisco IOS image. The following two possible scenarios exist with this command.
When turned on for the first time, the running image (as displayed in the show version command output) is secured, and a syslog entry is generated. This command will function properly only when the system is configured to run an image from a disk with an Advanced Technology Attachment (ATA) interface. Images booted from a TFTP server cannot be secured. Because this command has the effect of “hiding” the running image, the image file will not be included in any directory listing of the disk. The no form of this command releases the image so that it can be safely removed.
R1(config)#Secure config
Without any parameters, this command takes a snapshot of the router running configuration and securely archives it in persistent storage. Like the image, the configuration archive is hidden and cannot be viewed or removed directly from the command-line interface (CLI) prompt . It is recommended that you run this command after the router has been fully configured to reach a steady state of operation and the running configuration is considered complete for a restoration, if required. A syslog message is printed on the console notifying the user of configuration resilience activation. The secure archive uses the time of creation as its filename. For example, .runcfg-20020616-081702.ar was created July 16 2002 at 8:17:02.
The restore option reproduces a copy of the secure configuration archive as the supplied filename (disk0:running-config, slot1:runcfg, and so on). The restore operation will work only if configuration resilience is enabled. The number of restored copies that can be created is unlimited.
