2. The CLI uses a hierarchical structure for the modes. In order from top to bottom, the major modes are: User mode Privileged mode Global Configuration mode Specific Configuration modes

3. User Mode – view only Privileged Mode – used to manage, update configuration By default, no authentication required.

5. Policy – roles, responsibilities, permissions, standard configurations Access – Physical and Electronic IOS - The operating system for the router is a crucial component. Configuration Management – both static and dynamic. Basic hardening should be one of the first steps implemented to minimize the risk of attacks. Logging - log information helps to determine whether the router is working properly of if it has been probed or worst case, compromised.

6. Security policy should define: Roles – define administrator, operator and any user role. Permissions – defines how who will be granted privileges on the device. Rules of conduct – define how rules will be configured on the router and who will approve rule implementation. Responsibilities – define who will make config changes or who will monitor logs. Minimum Configuration Standards – basic hardening requirements.

7. Access should be limited 24/7 365 days a year. Environmental controls - free of electrostatic and magnetic interference, temperature and humidity controlled, Uninterruptible Power Supply (UPS) Some routers offer PC-Card slots or CompactFlash slots The Cisco password recovery procedure allows individual to gain privileged access to the device without using a password.

8. There are two types of access: local and remote. Local access involves a direct connection to a console port on the router with a dumb terminal or a laptop computer.