As with any software image, it's essential to verify the integrity and authenticity of this file to ensure it hasn't been tampered with or corrupted. Cisco likely provides digital signatures or other integrity verification mechanisms for their software images.
To enable remote secure management via SSH, generate your crypto keys and turn on the VTY lines: cat9kv-prd-17.12.01prd9.qcow2