SSH
Secure SHell, protocol that provides encrypted communication. Uses TCP port 22
Configure SSH on switch
ip ssh version 2
crypto key generate rsa
crypto key zeroize rsa (deletes key pair)
Attack: MAC Address Flooding
Attack on a switch in which frames with fake source/destination MAC addresses are sent to populate the MAC table and overload the switch. The frames are broadcast to all ports (except the origin) because the destination address is unknown.
Attack: DHCP Spoof
Creating a malicious DHCP server for victims to connect to. Paired with a DHCP Starvation attack to starve the legitimate DHCP server of free addresses.
CDP
Cisco Discovery Protocol. Discovers other directly connected Cisco devices for auto-configuration of the connection. It broadcasts unencrypted packets, which can be used by attackers to find flaws or hijacked with fake CDP packets.
- Recommended to be turned off
Security Practices:
- Shut down unused ports and services
- Use HTTPS over HTTP for login sites
- Encrypt sensitive data
- Perform backups and test these backups
Port Security feature
Limits the number of MAC addresses assigned to a single port. Can hold Static, Dynamic or Sticky MAC addresses
Violation Modes on a Switch
If a port security violation occurs:
- Protect: Drops packets with unknown source addresses if the MAC table is full. Provides no violation notification.
- Restrict: Same as protect, but provides a notification.
- Shutdown: Causes Port to become error-disabled and shuts down.