8 Cards in this Set

  • Front
  • Back

SSH

Secure Shell: a protocol that provides encrypted communication. Uses TCP port 22.

Configure SSH on switch

ip ssh version 2


crypto key generate rsa


crypto key zeroize rsa (deletes key pair)

Attack: MAC Address Flooding

Attack on a switch in which frames with fake source/destination MAC addresses are sent to populate the MAC table and overload the switch. The frames are broadcast to all ports (except the origin) because the destination address is unknown.

Attack: DHCP Spoof

Creating a malicious DHCP server for victims to connect to. Paired with a DHCP starvation attack to starve the legitimate DHCP server of free addresses.

CDP

Cisco Discovery Protocol. Discovers other directly connected Cisco devices for auto-configuration of the connection. It broadcasts unencrypted packets, which attackers can use to find flaws or hijack with fake CDP packets.


- Recommended to be turned off

Security Practices:

- Shut down unused ports and services


- Use HTTPS over HTTP for login sites


- Encrypt sensitive data


- Perform backups and test these backups

Port Security feature

Limits the number of MAC addresses assigned to a single port. Can hold static, dynamic or sticky MAC addresses.

Violation Modes on a Switch

If a port security violation occurs:


- Protect: Drops packets with unknown source addresses if the MAC table is full. Provides no violation notification.


- Restrict: Same as protect, but provides a notification.


- Shutdown: Causes the port to become error-disabled and shut down.