What are two recommended ways of protecting network device configuration files from outside

network security threats? (Choose two.)

A.
Allow unrestricted access to the console or VTY ports.

B.
Use a firewall to restrict access from the outside to the network devices.

C.
Always use Telnet to access the device command line because its data is automatically
encrypted.

D.
Use SSH or another encrypted and authenticated transport to access device configurations.

E.
Prevent the loss of passwords by disabling password encryption.

Explanation:
This question is to examine the knowledge point related to network security. Internet firewall is a or
a group of systems, which will enhance the in-house network security of a mechanism. It decides
which in-house services can be accessed by the outside, which people from the outside can
access what in-house services and which outside services can be accessed by in-house
personnel. Firewall is an Internet customs inspection post. So as to keep the effectiveness of the
firewall, all the information in or out of the Internet must flow through the firewall and being
checked by it. Only the authorized data is allowed to pass through the firewall and the firewall itself
must be free of infiltration. Unfortunately, once the firewall system has been break through or
roundabout, it is incapable of providing any protection.
SSH is the abbreviation of Secure Shell, which is established by the Network Working Group of
IETF. SSH is a secure protocol which is based on application layer and transport layer.