What are two recommended ways of protecting network device configuration files from outside network security threats? (Choose two.)（）

A.Allow unrestricted access to the console or VTY ports.
B.Use a firewall to restrict access from the outside to the network devices.
C.Always use Telnet to access the device command line because its data is automatically encrypted.
D.Use SSH or another encrypted and authenticated transport to access device configurations.
E.Prevent the loss of passwords by disabling password encryption.