Port Security

Question 1

What is dhcp snooping?

Answer 1

A rogue dhcp server can cause connection issues
Dhcp snooping only allows requests dhcp servers on ports you define
Will create an ip to mac table by tracking dhcp traffic to and from server

Question 2

Arp inspection

Answer 2

Attacker pollutes arp table

Arp inspection drops any altered frames w/ no mapping

Question 3

What is port bonding

Answer 3

Connects multiple links/channels, layer 3 treats it as one link
Combines 2-8 ports together b/w 2 swicthes to achieve more bandwidth and resiliency

Question 4

What is port mirroring

Answer 4

Allows you to sniff traffic on network
Can see how a typical switch will read forwarding table and only send out destination port
Good to use strategically for short periods

Question 5

What is spanning tree protocol?

Answer 5

Creates topology base, removes redundant links(saves path), eliminates looping, finds shortest link

Question 6

What is BPDU

Answer 6

Bridge protocol data unit

Question 7

5 states of stp

Answer 7

Blocking- doesnt allow frames: default port mode
Listening: port listens to bpdu’s to make sure no loop, forwards data; doesnt populate mac table
Learning- learns all paths in network, populates mac table, doesnt forward data
Forwarding- sends and receieves data frame on bridged port
Disabled-doesn’t particpate in stp