The Company security administrator is concerned with layer 2 network attacks.
Which two statements about these attacks are true? ()
A. ARP spoofing attacks are attempts to redirect traffic to an attacking host by encapsulating a false 802.1Q header on a frame and causing traffic to be delivered to the wrong VLAN.
B. ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP message with a forged identity to a transmitting host.
C. MAC address flooding is an attempt to force a switch to send all information out every port byoverloading the MAC address table.
D. ARP spoofing attacks are attempts to redirect traffic to an attacking host by sending an ARP packet that contains the forged address of the next hop router.
E. MAC address flooding is an attempt to redirect traffic to a single port by associating that port with all MAC addresses in the VLAN.
您可能感興趣的試卷
你可能感興趣的試題
You work as a network technician at Company. Your boss, Mrs. , is interested in
switch spoofing.
She asks you how an attacker would collect information with VLAN hoping through switch spoofing. You should tell her that the attacking station... ()
A、...uses VTP to collect VLAN information that is sent out and then tags itself with the domain information in order to capture the data.
B、...will generate frames with two 802.1Q headers to cause the switch to forward the frames to a VLAN that would be inaccessible to the attacker through legitimate means.
C、...uses DTP to negotiate trunking with a switch port and captures all traffic that is allowed on the trunk.
D、...tags itself with all usable VLANs to capture data that is passed through the switch, regardless of the VLAN to which the data belongs.
E、None of the other alternatives apply
You are responsible for increasing the security within the Company LAN. Of the following choices listed below,
which is true regarding layer 2 security and mitigation techniques? ()
A. Enable root guard to mitigate ARP address spoofing attacks.
B. Configure DHCP spoofing to mitigate ARP address spoofing attacks.
C. Configure PVLANs to mitigate MAC address flooding attacks.
D. Enable root guard to mitigate DHCP spoofing attacks.
E. Configure dynamic APR inspection (DAI) to mitigate IP address spoofing on DHCP untrusted ports.
F. Configure port security to mitigate MAC address flooding
G. None of the other alternatives apply
Refer to the exhibit. An attacker is connected to interface Fa0/11 on switch A-SW2 and attempts to establish a DHCP server for a man-in-middle attack.
Which recommendation, if followed, would mitigate this type of attack?()
A. All switch ports in the Building Access block should be configured as DHCP untrusted ports.
B. All switch ports in the Building Access block should be configured as DHCP trusted ports.
C. All switch ports connecting to servers in the Server Farm block should be configured as DHCP untrusted ports.
D. All switch ports connecting to hosts in the Building Access block should be configured as DHCP trusted ports.
E. All switch ports in the Server Farm block should be configured as DHCP untrusted ports.
F. All switch ports connecting to hosts in the Building Access block should be configured as DHCP untrusted ports.
Refer to the exhibit. On the basis of the output generated by the show commands,
which two statements are true?()
A. Because it is configured as a trunk interface, interface gigabitethernet 0/1 does not appear in the show vlan output.
B. VLAN 1 will not be encapsulated with an 802.1q header.
C. There are no native VLANs configured on the trunk.
D. VLAN 2 will not be encapsulated with an 802.1q header.
E. All interfaces on the switch have been configured as access ports.
F. Because it has not been assigned to any VLAN, interface gigabitethernet 0/1 does not appear in the show vlan output.
Refer to the exhibit. Based upon the output of show vlan on switch CAT2,
what can we conclude about interfaces Fa0/13 and Fa0/14? ()
A. that interfaces Fa0/13 and Fa0/14 are in VLAN 1
B. that interfaces Fa0/13 and Fa0/14 are down
C. that interfaces Fa0/13 and Fa0/14 are trunk interfaces
D. that interfaces Fa0/13 and Fa0/14have a domain mismatch with another switch
E. that interfaces Fa0/13 and Fa0/14have a duplex mismatch with another switch
最新試題
Refer to the exhibit. STP has been implemented in the network. Switch SW_A is the root switch for the default VLAN. To reduce the broadcast domain, the network administrator decides to split users on the network into VLAN 2 and VLAN 10. The administrator issues the command spanning-tree vlan 2 root primary on switch SW_A. What will happen as a result of this change?()
Refer to the exhibit. Which Virtual Router Redundancy Protocol (VRRP) statement is true about the roles of the master virtual router and the backup virtual router?()
During routine maintenance, it became necessary to shutdown G1/0/1 on DS1 and DS2. All other interface were up. During this time, DS1 became the active device for Vlan104’s HSRP group. As related to Vlan104’s HSRP group. What can be done to make the group function properly ? ()
Which three statements are true of the Link Aggregation Control Protocol (LACP)?()
Refer to the exhibit. Switch S2 contains the default configuration. Switches S1 and S3 both have had the command spanning-tree mode rapid-pvst issued on them. What will be the result?()
Refer to the exhibit and the partial configuration of switch SW_A and SW_B. STP is configured on all switches in the network. SW_B receives this error message on the console port:00:06:34: %CDP-4-DUPLEX_MISMATCH: duplex mismatch discovered on FastEthernet0/5 (not half duplex), with SW_A FastEthernet0/4 (half duplex) , with TBA05071417(Cat6K-B) 0/4 (half duplex). What would be the possible outcome of the problem?()
Which router redundancy protocol cannot be configured for interface tracking?()
During routine maintenance, G1/0/1 on DS1 was shutdown. All other interface were up. DS2 became the active HSRP device for Vlan101 as desired. However, after G1/0/1 on DS1 was reactivated. DS1 did not become the active HSRP device as desired. What need to be done to make the group for Vlan101 function properly ? ()
What must be the same to make multiple switches part of the same Multiple Spanning Tree (MST)?()
Refer to the exhibit. Which statement is true about the output?()