The simplest method of getting Cisco 642-832 exam sample questions from Flydumps and download the Cisco 642-832 test questions and answers about the solutions to obtain a Cisco 642-832 exam. Included in our online Cisco 642-832 exam sample questions, we provide the most recent Cisco 642-832 educational materials and a great variety of Cisco 642-832 exam solutions. Flydumps Cisco 642-832 exam sample questions becomes progressively important, since they’re constantly presenting new techniques of testing to make sure it Flydumps Cisco 642-832 exam sample questions based Cisco 642-832 exam with simulations.
You want to enhance the security within the Company LAN and prevent VLAN hopping. What two steps can be taken to help prevent this? (Select two)
A. Enable BPD guard
B. Disable CDP on ports where it is not necessary
C. Place unused ports in a common unrouted VLAN
D. Prevent automatic trunk configuration
E. Implement port security
Correct Answer: CD Explanation
To prevent VLAN hoping you should disable unused ports and put them in an unused VLAN, or a separate unrouted VLAN. By not granting connectivity or by placing a device into a VLAN not in use, unauthorized access can be thwarted through fundamental physical and logical barriers. Another method used to prevent VLAN hopping is to prevent automatic trunk configuration. Hackers used 802.1Q and ISL tagging attacks, which are malicious schemes that allow a user on a VLAN to get unauthorized access to another VLAN. For example, if a switch port were configured as DTP auto and were to receive a fake DTP packet, it might become a trunk port and it might start accepting traffic destined for any VLAN. Therefore, a malicious user could start communicating with other VLANs through that compromised port. References:
The Company network is being flooded with invalid Layer 2 addresses, causing switch CAM tables to be filled and forcing unicast traffic to be transmitted out all switch ports. Which type of Layer 2 attack is being used here?