What can be implemented to help mitigate the threat of a rogue switch becoming the root bridge in an STP domain?

IT Questions BankCategory: CCNA SecurityWhat can be implemented to help mitigate the threat of a rogue switch becoming the root bridge in an STP domain?

What can be implemented to help mitigate the threat of a rogue switch becoming the root bridge in an STP domain?

  • root guard
  • loop guard
  • BPDU guard
  • Source Guard

Explanation: There are several recommended STP stability mechanisms to help mitigate STP manipulation attacks:

  • PortFast - Used to immediately bring an interface configured as an access or trunk port to the forwarding state from a blocking state. Applied to all end-user ports.
  • BPDU guard - Immediately error-disables a port that receives a BPDU. Applied to all end-user ports.
  • Root guard - Prevents a switch from becoming the root switch. Applied to all ports where root switch should not be located.
  • Loop guard - Detects unidirectional links to prevent alternate or root ports from becoming designated ports. Applied to all ports that are or can become non-designated.

Exam with this question: Quiz - Advanced Spanning Tree Tuning
Exam with this question: CCNA Security Certification Practice Exam Answers

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments