Version 4.1 - 3.16 Manage Unnecessary Services
This section turned out to be a little ambiguous when I sat down to write it. Note that searching for "Application and Infrastructure Security" on the Cisco site will bring you to a section on the Cisco Application Centric Infrastructure Security Solution. If you start looking around at that stuff, you'll find that it's SDN, virtualization and automation. That is covered in section 8, so I'm going to push that aside and head towards what I considered to be covered in this section.
The other way to view this section is to relate it to device hardening. The Cisco Guide to Harden Cisco IOS Devices is another site with a lot of depth. There are some general Secure Operations guidelines. Then there are sections on securing the Management Plane, Control Plane and Data Plane. If you look at the blueprint, you'll see 6.1 (Router hardening) and 6.2 (Switch security features). So again, I'm not going to go into this in much detail here. However, it would be a good idea to take the time to read through this Guide. Pay particular attention to the "Disable Unused Services" in the Management Plane section. It's a pretty long guide, but each topic is relatively brief. It's a good recap and worth scrolling when you have some time.
I'm not concerned about this section. I've had a long history of buying and reading O'Reilly books. One of those books "Hardening Cisco Routers" by Thomas Akin - was read a very long time ago. I always find O'Reilly books to be interesting and well written. They cover a specific topic and usually go in depth. On top of that, I've been applying "best practices" to routers and switches for a long time. In many ways, this now seems just plain common sense.