To prevent an attacker from enumerating Cisco router model, OS version, and capabilities, which feature should be disabled?

Prepare for the Computer Hacking Forensic Investigator v11 exam. Study with flashcards and multiple choice questions. Each question includes hints and explanations. Get exam-ready efficiently!

Multiple Choice

To prevent an attacker from enumerating Cisco router model, OS version, and capabilities, which feature should be disabled?

Explanation:
CDP is a Layer 2 discovery protocol that Cisco devices use to advertise their identity and capabilities to directly connected neighbors. When CDP is enabled, a router can reveal its model, IOS version, hardware capabilities, and even interface information. An attacker on the same local network could hear these CDP advertisements and quickly learn what devices are present and what software versions they’re running, making it easier to plan targeted attacks. Disabling CDP stops these advertisements and reduces the amount of device metadata exposed to others on the network. On Cisco devices, you typically disable it globally with "no cdp run" in global configuration, or on specific interfaces with "no cdp enable" to limit exposure. If you’re in a mixed environment, consider using LLDP instead for legitimate discovery, but keep CDP disabled on untrusted segments to prevent enumeration.

