From the course: Cisco Certified Network Associate (CCNA) v1.1 (200-301) Cert Prep
Join today to access over 24,900 courses taught by industry experts.
Port security theory
From the course: Cisco Certified Network Associate (CCNA) v1.1 (200-301) Cert Prep
Port security theory
(bright music) - [Instructor] At this point in the lesson, we've seen a couple of ways of launching a man-in-the-middle or an on-path attack. And in this video, we'll take a look at yet another way and a Cisco switch security feature that can help us out. Consider this scenario. Let's say that we have an attacker that gets access to a switch port and they send a series of frames into that switch. And here's the interesting thing, each of those frames claim to come from a different source MAC address. And if they continually bombard that switch port with frame after frame each claiming to be from a different MAC address, then that switch's MAC address table can fill to capacity. What happens if a MAC address table fills to capacity? Well, if a new device plugs in or boots up on that switch, their MAC address will not be learned by the switch. It's almost as if they're connected to an old ethernet hub, meaning that that attacker can connect to the switch and capture traffic and see…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
(Locked)
Lesson 2: Common network architectures and designs2m
-
(Locked)
Three-tier vs. collapsed core architectures5m 1s
-
(Locked)
Spine-leaf design for data centers3m 22s
-
(Locked)
Wide area network (WAN) topologies10m 45s
-
(Locked)
Small office and home office (SOHO) architecture2m 18s
-
(Locked)
Cloud deployment models4m 21s
-
(Locked)
-
-
(Locked)
Lesson 3: Network cabling2m 29s
-
(Locked)
Coax cables and connectors4m 17s
-
(Locked)
Twisted pair cables and connectors6m 29s
-
(Locked)
Ethernet standards for twisted pair cables3m 49s
-
(Locked)
Straight through vs. crossover cables5m 15s
-
(Locked)
Fiber optic cables4m 1s
-
(Locked)
Fiber optic connectors2m 51s
-
(Locked)
Ethernet standards for fiber optic cables4m 4s
-
(Locked)
Power over Ethernet (PoE)5m 35s
-
(Locked)
Troubleshooting common cabling issues6m 24s
-
(Locked)
-
-
(Locked)
Lesson 4: Subnetting2m 24s
-
(Locked)
The need for subnetting6m 33s
-
(Locked)
Calculating available subnets3m 44s
-
(Locked)
Calculating available hosts3m 56s
-
(Locked)
Subnetting practice exercise #14m 8s
-
(Locked)
Subnetting practice exercise #23m 31s
-
(Locked)
Calculating usable ranges of IPv4 addresses5m 52s
-
(Locked)
Subnetting practice exercise #34m 12s
-
(Locked)
-
-
(Locked)
Module 3: IPv6 addressing1m 39s
-
(Locked)
Lesson 1: IPv6 address format and communication2m 16s
-
(Locked)
Hexadecimal numbering7m 31s
-
(Locked)
IPv6 address format3m 57s
-
(Locked)
Shortening an IPv6 address3m 6s
-
(Locked)
IPv6 address shortening exercise2m
-
(Locked)
IPv6 traffic flows2m 39s
-
(Locked)
-
-
(Locked)
Lesson 2: IPv6 address types2m 47s
-
(Locked)
IPv6 global unicast2m 51s
-
(Locked)
IPv6 multicast4m
-
(Locked)
IPv6 link-local2m 54s
-
(Locked)
IPv6 unique local2m 10s
-
(Locked)
IPv6 loopback1m 33s
-
(Locked)
IPv6 unspecified2m 40s
-
(Locked)
IPv6 solicited-node multicast3m 34s
-
(Locked)
Manual IPv6 address assignment6m 42s
-
(Locked)
EUI-642m 56s
-
(Locked)
Dynamic IPv6 address assignment10m 55s
-
(Locked)
-
-
(Locked)
Lesson 5: Spanning Tree Protocol (STP)3m 30s
-
(Locked)
STP port states9m 5s
-
(Locked)
STP exercise7m 24s
-
(Locked)
STP convergence times2m 59s
-
(Locked)
PVST+ theory and configuration13m 36s
-
(Locked)
Portfast4m 14s
-
(Locked)
Root guard6m 14s
-
(Locked)
Loop guard6m 56s
-
(Locked)
BPDU filter6m 53s
-
(Locked)
BPDU guard7m 32s
-
(Locked)
MSTP theory2m 43s
-
(Locked)
Rapid PVST+ theory9m 10s
-
(Locked)
Rapid PVST+ configuration6m 58s
-
(Locked)
-
-
(Locked)
Module 6: Wireless networks1m 20s
-
(Locked)
Lesson 1: Overview of wireless networks1m 49s
-
(Locked)
Wireless access points5m 41s
-
(Locked)
Wireless LAN (WLAN) designs2m 48s
-
(Locked)
Access point modes7m
-
(Locked)
Service set terminology3m 47s
-
(Locked)
Radio frequency (RF) basics10m 10s
-
(Locked)
Wireless interference2m 2s
-
(Locked)
-
-
(Locked)
Lesson 4: Network management services1m 35s
-
(Locked)
Options for network management access6m 40s
-
(Locked)
Artificial intelligence (AI) for network management12m 9s
-
(Locked)
Simple Network Management Protocol (SNMP) theory4m 46s
-
(Locked)
SNMP configuration7m 53s
-
(Locked)
Syslog5m 52s
-
(Locked)
Configuring remote access with secure shell (SSH)3m 34s
-
(Locked)
FTP and TFTP6m 58s
-
(Locked)
-
-
(Locked)
Module 8: Network security2m 6s
-
(Locked)
Lesson 1: Threats and defense3m 55s
-
(Locked)
CIA triad4m 16s
-
(Locked)
Threats vs. vulnerabilities2m 14s
-
(Locked)
Social engineering attacks7m 43s
-
(Locked)
Denial-of-service attacks5m 42s
-
(Locked)
Other common attacks9m 10s
-
(Locked)
Password protection of Cisco devices11m 19s
-
(Locked)
Authentication, authorization, and accounting (AAA)8m 42s
-
(Locked)
Multifactor authentication2m 12s
-
(Locked)
Encryption9m 23s
-
(Locked)
Virtual private networks (VPNs)10m 14s
-
(Locked)
Password best practices3m 58s
-
(Locked)
Wireless security protocols10m 9s
-
(Locked)
Configuring a wireless LAN for WPA2 with a pre-shared key2m 3s
-
(Locked)
-
-
(Locked)
Lesson 3: Layer 2 security features1m 17s
-
(Locked)
DHCP snooping theory4m 4s
-
(Locked)
DHCP snooping configuration3m 46s
-
(Locked)
Dynamic ARP Inspection (DAI) theory4m 9s
-
(Locked)
Dynamic ARP Inspection (DAI) configuration15m 33s
-
(Locked)
Port security theory5m 16s
-
(Locked)
Port security configuration7m 34s
-
(Locked)