Cisco 10-13 Flashcards
What protocols are used by AAA to authenticate users against a central database of usernames and passwords
RADIUS, TACACS+
Authentication method that stores usernames and passwords in the router and is ideal for small networks
local AAA
Component of AAA used to determine which resources a user can access and which operations the user is allowed to perform
authorization
Component of AAA used to allow an administrator to track individuals who access network resources and any changes made
accounting
What device is considered a supplicant during the 802.1x authentication process
the client that is requesting authentication
Which access control component controls what users can do on the network
authorization
Access control component that audits what actions users perform on the network
accounting
Access control component that restricts LAN access through publicly accessible switch ports
802.1x
Access control component that indicates success or failure of a client-requested service with a PASS or FAIL message
authorization
Access control component that is based on device roles of supplicant, authenticator, and authentication server
802.1x
Which two Cisco solutions help prevent DHCP starvation attacks
DHCP snooping, port security
What is the result of a MAC table flooding attack
the switch will begin broadcasting traffic out of all ports
Which feature on a switch makes it vulnerable to VLAN hopping attacks
the automatic trunking port feature enabled by default
What makes switches vulnerable to double tagging attacks
native VLAN of the trunking port being the same as the user VLAN
Result of DHCP starvation attack
legitimate clients are unable to lease IP addresses
Best practice for CDP and LLDP
disable them where they aren’t required
Which port security configuration allows dynamically learned MAC addresses to be saved in the running config
sticky secure MAC address
Which set of commands limits learned MAC addresses to 2, stores them in running config, and shuts the port down if there are more
switchport port-security, switchport port-security max 2, switchport port-security mac-address sticky
What happens with default port security when an extra MAC address is added
the interface is shut down and a log entry is made
Default violation mode in port security
shutdown
Violation mode where packets are dropped without log message
protect
Exhibit of show port-security int f 0/. What can be determined?
Port violation mode is the default
Exhibit where Fa0/2 is down. Why?
MAC of PC1 configured on S1 isn’t the right MAC
VLAN hopping attack prevented by designating an unused VLAN as the native VLAN
VLAN double-tagging
3 Techniques to mitigate VLAN attacks
disable DTP, enable trunking manually, set the native VLAN to an unused VLAN
What is the effect of ip dhcp snooping limit rate 6
port can receive 6 DHCP discover messages per second
Purpose of ip arp inspection validate src-mac
checks the source MAC in the Ethernet header against the sender MAC in the ARP body
Command to enable portfast on all ports by default
spanning-tree portfast default