Detailed document for cisco router configuration audit
Step 1
1.1 Remote vty, con, or aux terminal access should require a user to login All remotely accessible terminals (vty, con, aux) should have login checking turned on (require EXEC password). Any modem or network device that gives access to the Cisco console port must provide a password challenge. All access to the router (be it remote or direct) should be password controlled. All remote management should be performed using SSH to ensure traffic is encrypted esp. password. Anyone with network visibility to the router can gain command prompt access, if the login directive is not given in the Cisco configuration.