Like routers, both Layer 2 and Layer 3 switches have their own sets of
network security requirements. Unlike for routers, however, there is not much
public information available that discusses the network security risks in
switches and what can be done to mitigate those risks. This module covers Layer
2 attacks and how to use Cisco IOS features to mitigate such threats to the
network. The learner will be introduced to several types of Layer 2 attacks and
will learn strategies to mitigate them.
Upon completing this module, the student will be able to mitigate Layer 2
network attacks, including Content-Addressable Memory (CAM) table overflow,
VLAN hopping, Spanning Tree Protocol manipulation, Media Access Control (MAC)
address spoofing, and DHCP starvation.
PIX Security Appliance Command Reference
Cisco IOS Security Command Reference
NOTE:
It is required that the student study the commands covered in the
chapter using the labs and the Command Reference. Not all required commands are
covered in sufficient detail in the text alone. Successful completion of this
course requires a thorough knowledge of command syntax and application.