Module : Minimizing Service Loss and Data Theft in a Switched Network
Module Overview
Switch Security Issues
Overview of switch security concerns
Switch attack categories
Describing a MAC flooding attack
Describing port security
Port security configuration commands
How to configure and verify port security on a switch
Port security with sticky MAC addresses
Mitigating VLAN Attacks
What is VLAN hopping?
How to mitigate VLAN hopping
What Is a private VLAN?
Configuring PVLANs
Configuring VLAN security using access lists
Mitigating Spoof Attacks
Describing a DHCP spoof attack
Describing DHCP Snooping
DHCP Snooping configuration commands
How to configure DHCP Snooping
Describing a MAC spoof attack
Describing ARP spoofing
What is Dynamic ARP Inspection?
How to configure Dynamic ARP Inspection
Implementing Authentication, Authorization, and Accounting – AAA
What is AAA?
Describing the AAA process
Authentication and authorization methods
Configuring basic AAA and authentication
Configuring AAA authorization
Configuring AAA accounting and comprehensive AAA
802.1x port based authentication
Defending Network Switches
CDP security issues
Vulnerabilities in Telnet
VTY ACLs
Secure Shell Protocol - SSH
Best practices: switch security considerations and security policies
Best practices: secure switch access
Best practices: secure switch protocols
Best practices: mitigating compromises launched through a switch
Capturing traffic in a switched network
Module: Summary
Module: Quiz



Close Window
All contents copyright ©2001-2005 Cisco Systems, Inc. All rights reserved.