8 Cards in this Set
- Front
- Back
SSH |
Secure SHell, protocol that provides encrypted communication. Uses TCP port 22 |
|
Configure SSH on switch |
ip ssh version 2
crypto key generate rsa
crypto key zeroize rsa (deletes key pair) |
|
Attack: MAC Address Flooding |
Attack on a switch in which frames with fake source/destination MAC addresses are sent to fill the MAC table and overload the switch. The frames are then broadcast to all ports (except the origin) because the destination address is unknown. |
|
Attack: DHCP Spoof |
Creating a malicious DHCP server for victims to connect to. Paired with a DHCP Starvation attack to starve the legitimate DHCP server of free addresses. |
|
CDP |
Cisco Discovery Protocol. Discovers other directly connected Cisco devices for auto-configuration of the connection. It broadcasts unencrypted packets, which attackers can use to find flaws or hijack with fake CDP packets. Recommended to be turned off. |
|
Security Practices: |
- Shut down unused ports and services
- Use HTTPS over HTTP for login sites
- Encrypt sensitive data
- Perform backups and test these backups |
|
Port Security feature |
Limits the number of MAC addresses assigned to a single port. Can hold Static, Dynamic or Sticky MAC addresses |
|
Violation Modes on a Switch |
If a port security violation occurs:
- Protect: Drops packets with unknown source addresses if the MAC table is full. Provides no violation notification.
- Restrict: Same as Protect, but provides a notification.
- Shutdown: Causes the port to become error-disabled and shut down. |