What mitigation plan is best for thwarting a DoS attack that is creating a MAC address table overflow?
- Disable DTP.
- Disable STP.
- Enable port security.
- Place unused ports in an unused VLAN.
Explanation: A MAC address (CAM) table overflow attack, buffer overflow, and MAC address spoofing can all be mitigated by configuring port security. A network administrator would typically not want to disable STP because it prevents Layer 2 loops. DTP is disabled to prevent VLAN hopping. Placing unused ports in an unused VLAN prevents unauthorized wired connectivity.
More Questions: Module 14: Quiz – Layer 2 Security Considerations Network Security
More Questions: CCNA 2 v7 Modules 10 – 13 Exam Answers
More Questions: Switching, Routing, and Wireless Essentials ( Version 7.00) – SRWE Final Exam