- #Which method would mitigate a mac address flooding attack password
- #Which method would mitigate a mac address flooding attack mac
the automatic trunking port feature enabled for all ports by defaultĪ VLAN hopping attack enables traffic from one VLAN to be seen by another VLAN without routing.mixed port bandwidth support enabled for all ports by default.the limited size of content-addressable memory space.the mixed duplex mode enabled for all ports by default.Which feature on a switch makes it vulnerable to VLAN hopping attacks?.
#Which method would mitigate a mac address flooding attack mac
When the MAC address table is full, the switch treats the frame as an unknown unicast and begins to flood all incoming traffic to all ports only within the local VLAN.
#Which method would mitigate a mac address flooding attack password
The username and password can be captured if the data transmission is intercepted. Telnet uses plain text to communicate in a network. Which protocol should be used to mitigate the vulnerability of using Telnet to remotely manage network devices?.They should not be enabled on edge devices, and should be disabled globally or on a per-interface basis if not required. Enable CDP on edge devices, and enable LLDP on interior devices.īoth discovery protocols can provide hackers with sensitive network information.Use the default router settings for CDP and LLDP.Disable both protocols on all interfaces where they are not required.Use the open standard LLDP rather than CDP.What represents a best practice concerning discovery protocols such as CDP and LLDP on network devices?.To accomplish this goal, the attacker uses a tool that sends many DHCPDISCOVER messages to lease the entire pool of available IP addresses, thus denying them to legitimate hosts. The IP addresses assigned to legitimate clients are hijacked.ĭCHP starvation attacks are launched by an attacker with the intent to create a DoS for DHCP clients.The attacker provides incorrect DNS and default gateway information to clients.Clients receive IP address assignments from a rogue DHCP server.Legitimate clients are unable to lease IP addresses.
What are two protocols that are used by AAA to authenticate users against a central database of usernames and password? (Choose two.)īy using TACACS+ or RADIUS, AAA can authenticate users from a database of usernames and passwords stored centrally on a server such as a Cisco ACS server.Authentication using the TACACS+ or RADIUS protocol will require dedicated ACS servers although this authentication solution scales well in a large network. In a small network with a few network devices, AAA authentication can be implemented with the local database and with usernames and passwords stored on the network devices. Which authentication method stores usernames and passwords in the router and is ideal for small networks?.CCNA 2 SRWE – Switching, Routing, and Wireless Essentials (Version 7.00) – Modules 10 – 13 – L2 Security and WLANs Exam Answers