which is true regarding layer 2 security and mitigation techniques?

You are responsible for increasing the security within the Company LAN. Of the following choices listed below, which is true regarding layer 2 security and mitigation techniques?

You are responsible for increasing the security within the Company LAN. Of the following choices listed below, which is true regarding layer 2 security and mitigation techniques?

A.
Enable root guard to mitigate ARP address spoofing attacks.

B.
Configure DHCP spoofing to mitigate ARP address spoofing attacks.

C.
Configure PVLANs to mitigate MAC address flooding attacks.

D.
Enable root guard to mitigate DHCP spoofing attacks.

E.
Configure dynamic APR inspection (DAI) to mitigate IP address spoofing on DHCP untrusted ports.

F.
Configure port security to mitigate MAC address flooding

Explanation:

Use the port security commands to mitigate MAC-spoofing attacks. The port security command provides the capability to specify the MAC address of the system connected to a particular port. The command also provides the ability to specify an action to take if a port-security violation occurs. However, as with the CAM table-overflow attack mitigation, specifying a MAC address on every port is an unmanageable solution. Hold-down timers in the interface configuration menu can be used to mitigate ARP spoofing attacks by setting the length of time an entry will stay in the ARP cache. Reference: http://www.javvin.com/networksecurity/NetworkSecurity.html



Leave a Reply 0

Your email address will not be published. Required fields are marked *