Networking Flashcards
Port security
An attacker changes their own physical PC address to conceal their true identity and pose as someone else. What kind of attack is this?
MAC Spoofing
Port Security
What is the attack that targets a switch's MAC table? The idea is to flood the table with a large number of fake addresses. When the list of addresses exceeds the maximum size of the table, the switch will initiate its fallback mode and begin to act as a hub, meaning every frame will be forwarded to every host on the network.
CAM Table Overflow
Port Security
How many port security protection modes are there to handle incidents in which a port receives an Ethernet frame with an unauthorized MAC address?
There are 3 port security protection modes:
- Shutdown (default setting)
- Restricted (blocks the unauthorized MAC address and sends a notification)
- Protect (blocks the unauthorized MAC address without a notification)
Port Security: Violation Modes
The default violation mode. When a violation occurs, the port will be shut down and logged automatically. The port must then be reset manually to become operational again.
Shutdown Mode
Port Security: Violation Modes
In case of a violation, Ethernet frames with an unauthorized source MAC address are dropped. The switch provides notification of security violations and keeps count of the number of violations.
Restricted
Port Security: Violation Modes
In case of a violation, Ethernet frames with unauthorized source MAC addresses are dropped. In this violation mode, the switch does not provide notification regarding the event.
Protected mode.
Port Security: Address learning
How do switches learn MAC addresses?
- Manual, or
- Sticky
Port Security: Address learning
Which address learning method requires a static configuration of each allowed MAC address and its assignment to an interface? This is the most secure method, but it is very time-consuming and open to faulty configuration.
Manual
Port Security: Address learning
In which method of address learning are MAC addresses learned dynamically and limited to the maximum number configured for the interface? The switch learns the source address of the first few devices associated with the interface, providing a fast and scalable method of operation.
Sticky
Port Security:
What is the maximum allowed MAC address range for port security?
By default the max is one, but the range can be configured from 1 to 3072.
Port Security:
What mode is the switch in if the port has been disabled automatically by the switch operating system due to a port security shutdown mode violation?
Err-disabled mode
Port Security:
What command do you run to determine if Err-disable was turned off for a port or to check the status of the port?
show interfaces [interface] status
e.g. show interfaces fastEthernet 0/1 status
Common Reasons for err-disable:
This state occurs when two parties, set for point-to-point communication, are configured to use different duplex modes.
Duplex Mismatch
Common Reasons for err-disable:
A faulty network interface card with software problems or hardware problems may trigger the err-disabled state.
Bad NIC
Common Reasons for err-disable
What is it called when the broadcast volume is too large for processing in the broadcast domain? The switches may be overwhelmed and trigger err-disabled mode on their ports.
Broadcast storm