Configure SSH.

Configure 802.1x.

Configure an ACL and apply it to the VTY lines.

Configure Telnet.

The host checks the local neighbor cache for the learned address and if the address is not cached, it it considered unique.

The host sends an ICMPv6 neighbor solicitation message to the DHCP or SLAAC-learned address and if no neighbor advertisement is returned, the address is considered unique.

The host sends an ICMPv6 echo request message to the DHCPv6 or SLAAC-learned address and if no reply is returned, the address is considered unique.

The host sends an ARP broadcast to the local link and if no hosts send a reply, the address is considered unique.

standalone wireless access point

firewall appliance

switch

wireless router

WPA2 with AES

WPA2 with TKIP

WEP

WPA

Enable BPDU guard.

Set the native VLAN to an unused VLAN.

Use private VLANs.

Disable DTP.

Enable trunking manually.

These VLANs cannot be deleted unless the switch is in VTP client mode.

These VLANs can only be removed from the switch by using the no vlan 10 and no vlan 100 commands.

These VLANs are default VLANs that cannot be removed.

Because these VLANs are stored in a file that is called vlan.dat that is located in flash memory, this file must be manually deleted.

to reduce the risk of interference by external devices such as microwave ovens

to reduce the risk of unauthorized APs being added to the network

to provide privacy and integrity to wireless traffic by using encryption

to eliminate outsiders scanning for available SSIDs in the area