4.5 + 4.6 mitigation, hardening

Question 1

What is a DMVPN?

Answer 1

Dynamic Multipoint Virtual Private Network, it is a secure network that allows permanent VPN connections to remain open without traffic needing to pass through a VPN concentrator.

Question 2

flood guard

Answer 2

Configures a maximum number of MAC addresses and disables a port if unrecongized MACs appear.

Question 3

root guard

Answer 3

Prevents rogue bridges from becoming the root bridge and distrupting STP.
changes interface status to root-inconsistent (listening state) if detected

Question 4

BPDU guard

Answer 4

Bypasses listening and learning states of STP for faster convergeance, disables interfaces if it detects a BPDU frame.

Question 5

DHCP snooping

Answer 5

IP tracking on layer 2 device, prevents rogue DHCP servers. Trusted/untrusted devices.

Question 6

native VLAN

Answer 6

Interfaces not assigned to a specific VLAN, doesn’t add an 802.1Q header (non-trunked freames)

Question 7

Data going into interfaces not assigned to a VLAN goes where?

Answer 7

native VLAN

Question 8

default VLAN

Answer 8

the VLAN associated wtih an interface by default

Question 9

What is the default VLAN for the native VLAN? Why is this significant?

Answer 9

VLAN 1

Keeps user data and mangement protocols separate.

Question 10

SYN guard

Answer 10

prevents syn flooding in SDN

Question 11

what is FIM?

Answer 11

File integrity monitoring.

Scans critical files in real time or on-demand such as SFC/Tripwire, makes sure it wasn’t changed

Question 12

SFC/Tripwire are examples of what?

Answer 12

FIM

Question 13

SFC/Tripwire are examples of what?

Answer 13

FIM

Question 14

What is BPDU

Answer 14

Bridge Protocol Data Units are frames that contain information about the spanning tree protocol.

Question 15

What can prevent a network from becoming overwhelmed with MAC address entries?

Answer 15

flood guard