I have good news (actually great news), and a little bad news for you.
Here's the bad news: The CCNA Security tutorial on this page was created for the 640-553 version, which expired on September 30, 2012.
Security audits are certainly still around, but it's unlikely you'll be performing any with SDM, as SDM is now obsolete and is no longer supported by Cisco.
You won't have SDM to kick around on Cisco certification exams any longer!
Here's the good news: I have plenty of free resources ready to help you pass the new 640-554 exam, including videos and tutorials!
CCNA Security 640-554 Videos And Tutorials
I also have a free CCNA Security 640-554 Video Boot Camp preview on Udemy!
CCNA Security 640-554 Video Boot Camp Preview
Students in that course receive a 60% discount on the full course on October 29 - so it's well worth taking five minutes to sign up right now!
They'll also get the best possible price on my CCNP Security 640-554 Bulldog Boot Camp DVD!
Thanks for visiting and for making TBA part of your CCNA Security success story!
Chris Bryant
CCIE #12933
"The Computer Certification Bulldog"
chris@thebryantadvantage.com
Twitter: http://www.twitter.com/ccie12933 (@ccie12933)
Facebook: http://on.fb.me/gPq52d
Blog: http://thebryantadvantage.blogspot.com
YouTube: http://www.youtube.com/user/ccie12933
CCNA Security Certification Exam Tutorial
Using SDM To Perform A Security Audit
By Chris Bryant, CCIE #12933
In the first two sections of this CCNA Security Exam tutorial, we used the Security Device Manager (SDM) to put a Cisco router into one-step lockdown.
The one-step lockdown is effective, but a pretty drastic step as well. You may want to take an incremental approach to securing your router. The Security Audit feature in SDM gives us this option.
I'm Paying It Forward - To You.
Get CCNA Security Certified Today - For $20.
To give the Security Audit feature something to audit, I've removed the lockdown configuration from the router.
Here's the Security Audit Wizard launch button:
SDM then presents us with a summary of the Security Audit feature.
After the audit runs, we're presented with a long list of potential security issues, along with passed or not passed.
The next screen gives us the option to fix the not passed issues on a per-issue basis, or to undo the passed issues.
Selecting Fix the Security problems presents us with a list of those perceived problems, and the option to fix them. There is a Fix All option, but you can fix each individually as well.
After selecting Fix All and clicking Next, I am indeed "prompted for more information to fix certain settings", as the above window mentioned. I now have to set an enable password and a login banner.
After this screen, I was prompted to configure the IOS Firewall. We'll save that for a future tutorial.
Finally, we arrive at the Summary window. Here's just a part of that window: 
Clicking Finish delivers the config, and we're done!
We can also put the router into lockdown at the command line, and we'll take a look at that in a future installment of this CCNA Security Exam tutorial series!
I'm Paying It Forward - To You.
Get CCNA Security Certified Today - For $20.
To your success,
Chris Bryant
CCIE #12933
chris@thebryantadvantage.com
|
