What is one method that can be used to do this?

seenagapeJanuary 17, 2015

The Company security administrator wants to prevent VLAN hopping on the network. What
is one method that can be used to do this?

PrepAway - Latest Free Exam Questions & Answers

A.
Configure VACLs.

B.
Configure all frames with two 802.1Q headers.

C.
Enforce username/password combinations.

D.
Configure VACLs.

E.
Explicitly turn off Dynamic Trunking Protocol (DTP) on all unused ports.

F.
All of the above

Explanation:
When securing VLAN trunks, also consider the potential for an exploit called VLAN hopping.
Here, an attacker positioned on one access VLAN can craft and send frames with spoofed
802.1Q tags so that the packet payloads ultimately appear on a totally different VLAN, all
without the use of a router.
For this exploit to work, the following conditions must exist in the network configuration:
+ The attacker is connected to an access switch port.
+ The same switch must have an 802.1Q trunk.
+ The trunk must have the attacker’s access VLAN as its native VLAN.
To prevent from VLAN hopping turn off Dynamic Trunking Protocol on all unused ports.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

Cisco Exam Questions

Free Cisco Study Guide

What is one method that can be used to do this?

Leave a Reply Cancel reply