Device Hardening
Unit: 10
Lesson: 3
the device needs to be rock hard
Hardening is basically making any device secure against tampering and abuse.
- Change default password
- Enforce password complexity and length requirements
- Use role-based access
- Disable unneeded network services like Telnet or VNC (
services.mscandsystemctlfor Windows and Linux) - Disable insecure network protocols
Port Guards
How to counter MAC address spoofing, ARP cache poisoning and other on-path attacks?
- Dynamic ARP Inspection
- DHCP Snooping
- RA Guard
- ND Inspection
- BPDU Guard
- STP Root Guard
#Netplus