Router security

1) Management plane:a) SSH:hostname R1ip domain-name 1ExamAMonth.com!crypto key generate rsa modulus 2014!username kevin privilege 15 secret cisco!access-list 1 permit 10.1.1.0 0.0.0.255access-list 1 deny any log!line vty 0 15access-class 1 inlogin localtransport input ssh!2) Control planea) Unicast reverse path forwarding-The way that uRPF works is to check the source IP address of a packet arriving on an interface anddetermine whether that IP address is reachable, based on the router’s Forwarding Information Base(FIB) used by Cisco Express Forwarding (CEF)- CEF must be enabled on a router to use uRPF.- 3 modes:a) strict mode: "> With strict mode operation, a router not only checks to make sure that the sourceIP address of an arriving packet is reachable, based on the router’s FIB, but the packet mustalso be arriving on the same interface the router would use to send traffic back to that IPaddress.b) Loose mode: "> With loose mode operation, a router only verifies that the source IP address of apacket is reachable, based on the router’s FIB.c) vrf mode:configuration:By default, a router with uRPF configured would drop a packet whose source IP address was onlyreachable by a default route; however, uRPF supports an allow-default option that accepts a defaultroute as a valid way to get back to a source IP address.#ip verify unicast source reachable-via {rx | any} [allow-default] [allow-selfping] [# show cef interface to check if uRPF is enabled or not.