Practice Q's - CDP Flashcards
Which of the following is true about CDP?
A. It can be used to discover the network topology
B. It is used to generate a denial of service attack
C. It can be used as part of a MAC address flooding attack
D. It is used to generate a MAC spoofing attack
Answer: A
Explanation:
Cisco Discovery Protocol (CDP) is a Cisco proprietary protocol used by Cisco devices to obtain information about directly connected devices that are also made by Cisco. Since this information includes name, device type and capabilities, IP address, and other identifying information, if these packets are captured they can be used to map the network topology. Since the first step in the hacking process (Discovery, Penetration, and Control) is discovery, this can be a security threat.
CDP is not used to generate a DoS (denial-of-service) attack, which is an attack designed to overwhelm a device with work requests that make it unavailable for its normal jobs.
CDP is not used as part of a MAC address flooding attack. This is performed by a hacker creating packets with unique MAC addresses and flooding the switch’s CAM table with these packets.
When the CAM buffer is full, the switch will start sending packets out all interfaces enabling the hacker to capture packets from all switch ports, which is normally not possible on a switch, where each port is its own collision domain. CDP plays no role in this process.
CDP is not used to generate a MAC spoofing attack. This type of attack involves the creation of a packet using the MAC address of a known host in the network for the purpose of redirecting traffic to the hacker’s machine instead. CDP plays no role in this process.
Which command on a switchport can cause LLDP to accept LLDP packets but not send them?
- lldp run
- lldp advertise
- lldp receive
- no lldp transmit
Correct Answer: D
Which two statements about LLDP are true? (Choose two.)
- Switches can run LLDP and Cisco Discovery Protocol simultaneously.
- When it is enabled on a switch, Cisco Discovery Protocol must be disabled.
- When LLDP is enabled globally, it is enabled on all ports including tunnel ports.
- Devices with LLDP configured send advertisement messages to a unicast address on a periodic basis.
- Devices with LLDP configured send advertisement messages to a multicast address on a periodic basic.
Correct Answer: AE
Which two mandatory TLV types does LLDP advertise? (Choose two.)
- Native VLAN TLV
- Platform TLV
- Network TLV
- Hostname TLV
- E. ???
Correct Answer: BD
Which two TLVs are mandatory in LLDP advertisements? (Choose two.)
- Platform TLV
- System Capability TLV
- Network Policy TLV
- System Name TLV
- Native VLAN TLV
Correct Answer: BD
Explanation/Reference:
Following are the LLDP TLV’s. Only System Capability TLV and System Name TLV are valid LLDP TLV’s but they are optional, not mandatory. These are the two best answer choices based on the alternatives, perhaps the question was meant to read “Which two TLVs are optional in LLDP advertisements”
Which command sets the interval at which a device sends LLDP updates to its neighbors?
- lldp transmit
- lldp timer
- lldp holdtime
- lldp tlv-select
Correct Answer: B
Which two control protocols use the native VLAN 1 by default? (Choose two.)
- CDP
- VTP
- NTP
- LACP
- STP
Correct Answer: AB
Which command configures an interface to accept LLDP packets without enabling the interface to send the packet?
- lldp transmit
- lldp tlv-select
- lldp receive
- lldp run
Correct Answer: C