Chapter 10: Security

Outline:

Chapter Review 
Chapter Overview 
10.1 Access Lists
10.1.1 Standard and extended access lists syntax
10.1.2 Named access list syntax
10.1.3 Time-based extended access list syntax
10.1.4 Configuring access list descriptions with the remark command
10.1.5 Syntax for applying access lists
10.2 Securing Router Access
10.2.1 Using access lists to secure virtual terminal access
10.2.2 Using access lists to secure access to the IOS web interface
10.3 Dynamic Access Lists: Lock-and-Key
10.3.1 Lock-and-key overview
10.3.2 Lock-and-key operation
10.3.3 Configuring lock-and-key
10.3.4 Configuring lock-and-key authentication
10.4 Session Filtering
10.4.1 Using extended access lists with the established argument
10.4.2 Reflexive access lists
10.4.3 How reflexive access lists work
10.4.4  Restrictions on using reflexive access lists
10.4.5 Configuring reflexive access lists
10.4.6 Reflexive access list configuration example
10.5 Context-Based Access Control
10.5.1 Context-Based Access Control (CBAC)
10.5.2 CBAC operation
10.5.3 When and where to configure CBAC
10.5.4 Choosing an interface
10.5.5 Defining CBAC inspection rules
10.5.6 Configuring global timeouts
10.5.7 Verifying CBAC
10.5.8 A CBAC configuration example
10.6 Using an Alternative to Access Lists
10.6.1 The Null 0 interface
10.7 Configuring Router Security Lab Exercises
10.7.1 Lock-and-key
10.7.2 Reflexive access lists
10.7.3 CBAC
Chapter Summary
Chapter Quiz