* Detect and prevent denial of service (DoS) attacks with TCP Intercept, Context-Based Access Control (CBAC), and rate-limiting techniques * Use Network-Based Application Recognition (NBAR) to detect and filter unwanted and malicious traffic * Use router authentication to prevent spoofing and routing attacks * Activate basic Cisco IOS filtering features like standard, extended, timed, lock-and-key, and reflexive ACLs to block various types of security threats and attacks, such as spoofing, DoS, Trojan horses, and worms * Use black hole routing, policy routing, and Reverse Path Forwarding (RPF) to protect against spoofing attacks * Apply stateful filtering of traffic with CBAC, including dynamic port mapping * Use Authentication Proxy (AP) for user authentication * Perform address translation with NAT, PAT, load distribution, and other methods * Implement stateful NAT (SNAT) for redundancy * Use Intrusion Detection System (IDS) to protect against basic types of attacks * Obtain how-to instructions on basic logging and learn to easily interpret results * Apply IPSec to provide secure connectivity for site-to-site and remote access connections * Read about many, many more features of the IOS firewall for mastery of router security