Security Switch Features
A logical grouping of computers based on switch ports.
Virtual LAN (VLAN)
VLANs are commonly used with this to distinguish voice traffic from data traffic. Traffic on this network can be given a higher priority to ensure timely delivery.
Voice over IP (VoIP)
To provide fault tolerance, many networks implement redundant paths between devices using multiple _____.
Overloads the switch's MAC forwarding table to make the switch function like a hub.
MAC Flooding
This switch feature follows the 802.1x protocol to allow only authenticated devices to connect.
Port authentication
This is used to connect two switches together.
Trunk port
MAC filtering uses the this address of a device to drop or forward frames through the switch.
MAC
Providing redundant paths between segments causes packets to be passed between the redundant paths endlessly. This condition is known as:
A switching loop.
This type of spoofing is changing the source MAC address on frames.
MAC spoofing
When this attack occurs, the source MAC address is changed on frames sent by the attacker.
VLAN Hopping
Is a member of all VLANs defined on a switch and carries traffic between the switches.
Trunk port
Generally, all switch ports are enabled by default. To increase the security of the switch and network, you what should be done to individual ports that are not in use.
They should be disabled.
This protocol runs on switches to prevent switching loops by making only a single path between switches active at a single time.
Spanning Tree Protocol
This type of switch attack associates the attacker's MAC address with the IP address of victim's device.
ARP spoofing/poisoning
This unsecure protocol could allow unauthorized devices to modify a switch's configuration.
Dynamic Trunking
Protocol (DTP)
Is provided by the 802.1x protocol and allows only authenticated devices to connect to the LAN through the switch.
Port authentication
When you use switches to create VLANs, you still need routers to route data between _____.
VLANs
A type of ports used by the Spanning Tree Protocol, which are configured to communicate directly to the root switch.
Root ports
This protocol is not secure and allows unauthorized devices to possibly modify configuration information. You should disable the DTP services on the switch's end user (access) ports before implementing the switch configuration into the network.
Dynamic Trunking Protocol
This switch feature restricts connection to a given port based on the MAC address.
MAC filtering/port security
Ports in unauthorized states can be used only for this authentication traffic.
802.1x protocol
Creating VLANs with switches offers many administrative benefits such as being able to create virtual LANs based on criteria such as ______, protocol, or service.
Workgroup
Ports in the Spanning Tree Protocol exist in one of five states: Blocking, listening, learning, forwarding and ____.
Disabled
With this particular switch attack, the source device sends frames to the attacker's MAC address instead of the correct device.
ARP spoofing/poisoning
This security feature on some switches filters out untrusted DHCP messages.
Dynamic Host Configuration protocol (DHCP) snooping