5.9 Switch Security and Attacks vocabulary

Question 1

Virtual LAN (VLAN)

Answer 1

A logical grouping of computers based on switch port.

Question 2

MAC filtering/port security

Answer 2

A switch feature that restricts connection to a given port based on the MAC address.

Question 3

Port authentication

Answer 3

A switch feature that follows the 802.1x protocol to allow only authenticated devices to connect.

Question 4

Content-addressable

memory (CAM) table

Answer 4

A table maintained by a switch that contains MAC addresses and their corresponding port locations.

Question 5

Dynamic Host Configuration protocol (DHCP) snooping

Answer 5

A security feature on some switches that filters out untrusted DHCP messages.

Question 6

Dynamic ARP

Inspection (DAI)

Answer 6

A security feature on some switches that verifies each ARP request has a valid IP to MAC binding.

Question 7

MAC flooding

Answer 7

An attack that overloads a switch’s MAC forwarding table to make the switch function like a hub.

Question 8

ARP spoofing

Answer 8

An attack in which the attacker’s MAC address is associated with the IP address of a target’s device.

Question 9

VLAN hopping

Answer 9

An attack in which the actor routes network traffic from one VLAN to another, avoiding VLAN segmentation.

Question 10

Double tagging

Answer 10

An attack in which the attacking host adds two VLAN tags instead of one to the header of the frames that it transmits.

Question 11

MAC spoofing

Answer 11

An attack in which the source MAC address is changed in the header of a frame.

Question 12

Dynamic Trunking

Protocol (DTP)

Answer 12

An unsecure protocol that could allow unauthorized devices to modify a switch’s configuration.