Question:
Which network attack is mitigated by enabling BPDU guard?
- rogue switches on a network
- CAM table overflow attacks
- MAC address spoofing
- rogue DHCP servers on a network
Explanation: There are several recommended STP stability mechanisms to help mitigate STP manipulation attacks:
PortFast – used to immediately bring an interface configured as an access or trunk port to the forwarding state from a blocking state. Applied to all end-user ports.
BPDU guard – immediately error-disables a port that receives a BPDU. Applied to all end-user ports.The receipt of BPDUs may be part of an unauthorized attempt to add a switch to the network.
Root guard – prevents a switch from becoming the root switch. Applied to all ports where the root switch should not be located.
Loop guard – detects unidirectional links to prevent alternate or root ports from becoming designated ports. Applied to all ports that are or can become nondesignated.
Exam with this question: CCNA 2 v7 Course Final Exam Answers
Exam with this question: CCNA Security Certification Practice Exam Answers
Please login or Register to submit your answer