 | |
| Switch Security Issues |
|
 | |
| Overview of switch security concerns |
 |
| Switch attack categories |
 |
| Describing a MAC flooding attack |
 |
| Describing port security |
 |
| Port security configuration commands |
 |
| How to configure and verify port security on a switch |
 |
| Port security with sticky MAC addresses |
|
 |
| Mitigating VLAN Attacks |
|
 | |
| What is VLAN hopping? |
 |
| How to mitigate VLAN hopping |
 |
| What Is a private VLAN? |
 |
| Configuring PVLANs |
 |
| Configuring VLAN security using access lists |
|
 |
| Mitigating Spoof Attacks |
|
 | |
| Describing a DHCP spoof attack |
 |
| Describing DHCP Snooping |
 |
| DHCP Snooping configuration commands |
 |
| How to configure DHCP Snooping |
 |
| Describing a MAC spoof attack |
 |
| Describing ARP spoofing |
 |
| What is Dynamic ARP Inspection? |
 |
| How to configure Dynamic ARP Inspection |
|
 |
| Implementing Authentication, Authorization, and Accounting – AAA |
|
 | |
| What is AAA? |
 |
| Describing the AAA process |
 |
| Authentication and authorization methods |
 |
| Configuring basic AAA and authentication |
 |
| Configuring AAA authorization |
 |
| Configuring AAA accounting and comprehensive AAA |
 |
| 802.1x port based authentication |
|
 |
| Defending Network Switches |
|
 | |
| CDP security issues |
 |
| Vulnerabilities in Telnet |
 |
| VTY ACLs |
 |
| Secure Shell Protocol - SSH |
 |
| Best practices: switch security considerations and security policies |
 |
| Best practices: secure switch access |
 |
| Best practices: secure switch protocols |
 |
| Best practices: mitigating compromises launched through a switch |
 |
| Capturing traffic in a switched network |
|
 |