4 – Index
root … 7-4
self-signed … 7-3
CHAP …5-11
chap-radius …5-11
cipher,SSH …6-17
Clear button
to delete password protection … 2-7
configuration
filters … 9-2
port security … 11-7
RADIUS
See RADIUS.
saving security credentials in multiple
files … 2-20
SSH
See SSH.
storage of security credentials
console
authorized IP managers, configuring … 12-5
CoS
override … 10-60
priority assignment … 5-4
crypto
babble … 6-12
fingerprint … 6-12
D
database, snooping …8-5
debug logging
DHCP snooping … 8-13
default configuration and security …1-15
default settings
802.1X
aaa port-access authenticator control,
auto … 10-61
aaa port-access supplicant … 10-49–10-50
access control, none …1-6
authentication, disabled …10-3
maximum clients on a port, one … 10-66
aaa authentication parameters … 4-12
aaa port-access authenticator control … 10-21–
10-23
aaa port-access mac-based … 3-52–3-54
aaa port-access web-based … 3-24–3-27
authorized ip managers, none …1-5
client public-key authentication, disabled …6-2
connection-rate filtering, none …1-8
DHCP snooping
database parameters … 8-12
on VLANs, disabled …8-7
Option 82 remote-id, MAC address …8-11
Option 82 untrusted-policy, drop …8-10
trusted ports, disabled …8-8
DHCP snooping, none …1-8
dynamic arp protection, none …1-8
dynamic IP lockdown, none …1-8
factory reset, enabled …2-28
front panel security … 2-3, 2-27
ICMP rate-liming, none …1-8
instrumentation monitor
SNMP traps, disabled …8-35
thresholds and parameters … 8-35
instrumentation monitor, disabled …8-35
IP mask, 255.255.255.255 … 12-4
MAC authentication, disabled …1-6
MAC lockdown and lockout, none …1-7
manager password, no password …1-3
passwords
clear password, enabled …2-27
password recovery, enabled … 2-28, 2-33
password-clear, enabled …2-29
reset-on-clear, disabled …2-28
username and passwords, none
…2-3
po
rt security, none …1-7
port security, off or ’continuous’ … 11-4
RADIUS
accounting, none …5-3
authentication, none …5-3
authorization, none …5-3
global parameters … 5-9
radius-server dead-time, 0 minutes …5-18
radius-server retransmit, 3 seconds …5-19
radius-server timeout, 3 seconds …5-18
server key, null …5-9
RADIUS authentication, disabled …1-5
secure management vlan, disabled …1-5
security
access security and authentication … 1-3
network security … 1-7
SNMP access … 1-15
SNMP access to the security MIB, open …5-21
SNMP, public, unrestricted …1-5
source-port filters … 9-2
spanning tree
bpdu filtering, none …1-8
