From: anthony.sequeira@thomson.com
Date: Fri Dec 01 2006 - 22:38:25 ART
Congrats to Troy F. [ccie17k@gmail.com] for winning the Cisco Press
title last week!
LAST WEEK'S ANSWER:
Answer: a, b, c
Topic Domain: 8b
Issues:
What is a MAC flooding attack? How can it be prevented?
Solutions:
A MAC flooding attack is a simple attack the exploits the basic nature
of a Layer 2 switch. The switch only has a certain amount of memory for
holding MAC address information. If a hacker floods the switch with
false MAC address information from a port - the storage area for MAC
addresses can fill. When this happens - traffic begins flooding in the
VLAN of the attack and the switch appears to be a hub operating in that
VLAN. Often times a hacker uses this as a way to sniff all of the
flooded traffic in order to gain information for subsequent attacks. Any
technology that restricts MAC learning on a port can prevent such an
attack. This would include Port Security, 802.1x, and Dynamic VLANs.
More Information:
VLAN Security White Paper
http://www.cisco.com/warp/public/cc/pd/si/casi/ca6000/prodlit/vlnwp_wp.h
tm
LAST WEEK'S QUESTION:
8-9-4. You are interested in preventing a MAC flooding attack in your
Campus LAN. What countermeasures can you use to ensure that you are not
the victim of such an attack? Choose all that apply.
a. Port Security
b. 802.1x
c. Dynamic VLANs
d. RootGuard
THIS WEEK'S QUESTION:
7-7-5. An administrator in your network has configured the ip multicast
ttl-threshold command on a router and set the TTL Threshold to 12. Which
of the following TTL values of packets will trigger a packet drop?
Choose all that apply.
a. 6
b. 12
c. 13
d. 15
Question of the Week Compliments of:
TESTiT
http://www.netmasterclass.com/site/written.php
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:36 ART