What mitigation plan is best for thwarting a DoS attack that is creating a switch buffer overflow?
- Enable port security.
- Disable STP.
- Disable DTP.
- Place unused ports in an unused VLAN.
Explanation: A MAC address (CAM) table overflow attack, buffer overflow, and MAC address spoofing can all be mitigated by configuring port security. A network administrator would typically not want to disable STP because it prevents Layer 2 loops. DTP is disabled to prevent VLAN hopping. Placing unused ports in an unused VLAN prevents unauthorized wired connectivity.
Exam with this question: CCNA Security Certification Practice Exam Answers
Please login or Register to submit your answer