The following flags should be set at least:
--insecure-port=0 --anonymous-auth=false
These should not be set:
--insecure-bind-address