A security technician at a small business is worried about the Layer 2 switches in the network suffering from a DoS style attack caused by staff incorrectly cabling
network connections between switches.
Which of the following will BEST mitigate the risk if implemented on the switches?

A.
Spanning tree

B.
Flood guards

C.
Access control lists

D.
Syn flood

Explanation:
Spanning Tree is designed to eliminate network `loops’ from incorrect cabling between switches. Imagine two switches named switch 1 and switch 2 with two
network cables connecting the switches. This would cause a network loop. A network loop between two switches can cause a `broadcast storm’ where a broadcast
packet is sent out of all ports on switch 1 which includes two links to switch 2. The broadcast packet is then sent out of all ports on switch 2 which includes links
back to switch 1. The broadcast packet will be sent out of all ports on switch 1 again which includes two links to switch 2 and so on thus flooding the network with
broadcast traffic.
The Spanning-Tree Protocol (STP) was created to overcome the problems of transparent bridging in redundant networks. The purpose of STP is to avoid and
eliminate loops in the network by negotiating a loop-free path through a root bridge. This is done by determining where there are loops in the network and blocking
links that are redundant. Spanning-Tree Protocol executes an algorithm called the Spanning-Tree Algorithm (STA). In order to find redundant links, STA will choose
a reference point called a Root Bridge, and then determines all the available paths to that reference point. If it finds a redundant path, it chooses for the best path to
forward and for all other redundant paths to block. This effectively severs the redundant links within the network.
All switches participating in STP gather information on other switches in the network through an exchange of data messages. These messages are referred to as
Bridge Protocol Data Units (BPDUs). The exchange of BPDUs in a switched environment will result in the election of a root switch for the stable spanning-tree
network topology, election of designated switch for every switched segment, and the removal of loops in the switched network by placing redundant switch ports in
a backup state.
Incorrect Answers:
B: Flood guards are used to prevent network flooding attacks such as DoS, SYN floods, ping floods etc. However, this question states that a security technician at a
small business is worried about the Layer 2 switches in the network suffering from a DoS style attack caused by staff incorrectly cabling network connections
between switches. Spanning tree is a more appropriate answer is this scenario. Therefore, this answer is incorrect.
C: Access control lists would not prevent a DoS style attack caused by staff incorrectly cabling network connections between switches. Switch traffic is not allowed
or disallowed using Access control lists. Therefore, this answer is incorrect.
D: A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume
enough server resources to make the system unresponsive to legitimate traffic. It is not used to prevent a DoS style attack caused by staff incorrectly cabling

network connections between switches. Therefore, this answer is incorrect.

http://www.symantec.com/business/support/index?page=content&id=HOWTO6019 https://www.google.co.uk/webhp?sourceid=chromeinstant&ion=1&espv=2&ie=UTF-8#q=syn %20flood