Previous Chapter  

Module 8: Minimizing Service Loss and Data Theft in a Campus Network

8.1 Understanding Switch Security Issues
8.1.1 Overview of Switch Security Concerns
8.1.2 Describing Unauthorized Access by Rogue Devices
8.1.3 Switch Attack Categories
8.1.4 Describing a MAC Flooding Attack
8.1.5 Describing Port Security
8.1.6 Configuring Port Security on a Switch
8.1.7 Port Security with Sticky MAC Addresses
8.1.8 Authentication, Authorization, and Accounting
8.1.9 Authentication Methods
8.1.10 802.1x Port-Based Authentication
8.2 Protecting Against VLAN Attacks
8.2.1 Explaining VLAN Hopping
8.2.2 Mitigating VLAN Hopping
8.2.3 VLAN Access Control Lists
8.2.4 Configuring VACLs
8.2.5 Private VLANs and Protected Ports
8.2.6 Configuring PVLANs
8.3 Protecting Against Spoof Attacks
8.3.1 Describing a DHCP Spoof Attack
8.3.2 Describing DHCP Snooping
8.3.3 Configuring DHCP Snooping
8.3.4 Describing ARP Spoofing
8.3.5 Dynamic ARP Inspection
8.3.6 Configuring Dynamic ARP Inspection
8.3.7 Protecting Against ARP Spoofing Attacks
8.4 STP Security Mechanisms
8.4.1 Protecting the Operation of STP
8.4.2 Configuring BPDU Guard
8.4.3 Configuring BPDU Filtering
8.4.4 Root Guard
8.4.5 Configuring Root Guard
8.5 Preventing STP Forwarding Loops
8.5.1 Unidirectional Link Detection
8.5.2 Loop Guard
8.5.3 Configuring UDLD and Loop Guard
8.5.4 Preventing STP Failures Due to Unidirectional Links
8.6 Securing Network Switches
8.6.1 Describing Vulnerabilities in CDP
8.6.2 Telnet Protocol Vulnerabilities
8.6.3 Configuring the Secure Shell Protocol
8.6.4 vty ACLs
8.6.5 Applying ACLs to vty Lines
8.6.6 Best Practices for Switch Security
8.7 Switch Security Lab Exercises
8.7.1 Lab 8-1 Securing the Layer 2 Switching Devices
8.7.2 Lab 8-2 Securing Spanning Tree Protocol
8.7.3 Lab 8-3 Securing VLANs with Private VLANs, RACLs, and VACLs
 Previous Chapter  

netacad.kiev.ua