PrepAway - Latest Free Exam Questions & Answers

Which of the following will BEST mitigate the risk if implemented on the switches?

A security technician at a small business is worried about the Layer 2 switches in the network
suffering from a DoS style attack caused by staff incorrectly cabling network connections between
switches.
Which of the following will BEST mitigate the risk if implemented on the switches?


A. Spanning tree

B. Flood guards

C. Access control lists

D. Syn flood

One Comment on “Which of the following will BEST mitigate the risk if implemented on the switches?”

  1. meac says:

    The key in here is the fact that we are “worried about the Layer 2 switches in the network suffering from a DoS style attack”. So we are after a protocol or technology that works solely on Layer 2 switches.
    Traditional switching operates at layer 2 of the OSI model, where packets are sent to a specific switch port based on destination MAC addresses. Routing operates at layer 3, where packets are sent to a specific next-hop IP address, based on destination IP address.
    WRONG ANSWERS: From the onset we can eliminate:
    C. Access control lists – An access control list (ACL) is a list of access control entries (ACE). Each ACE in an ACL identifies a trustee and specifies the access rights allowed, denied, or audited for that trustee. The security descriptor for a securable object can contain two types of ACLs: a DACL and a SACL… An ACL on a Layer 2 switch will not stop a DoS style attack.
    D. Syn flood – A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target’s system in an attempt to consume enough server resources to make the system unresponsive to legitimate traffic.
    So it is a tossup between A & B.
    A. Spanning tree – Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network. This is an actual form of attack.
    B. Flood guards – Flood Guard: flood guards serve as preventive control against denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks. … It is capable of monitoring network traffic to identify DoS attacks in progress generated through packet flooding.
    The crux of the matter is that only “Spanning tree” works solely on Layer 2.
    Spanning Tree is designed to eliminate network ‘loops’ from incorrect cabling between switches.

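The loop scenario in the question, as an added example that is not part of the original page or the comment above: a simplified spanning-tree calculation picks the redundant cable to block, and a flooding model compares how many copies of one broadcast frame circulate before and after. The switch names, bridge IDs and cabling are constructed, and the model assumes equal link costs and a connected topology, with no BPDU exchange or timers.

```python
from collections import deque

# Constructed topology: bridge IDs (lowest wins the root election) and cabling.
BRIDGE_ID = {"SW1": 1, "SW2": 2, "SW3": 3}
LINKS = [("SW1", "SW2"), ("SW1", "SW3"), ("SW2", "SW3")]  # last cable closes a loop

def adjacency(links):
    """Map each switch to (neighbour, link index) pairs."""
    adj = {}
    for idx, (a, b) in enumerate(links):
        adj.setdefault(a, []).append((b, idx))
        adj.setdefault(b, []).append((a, idx))
    return adj

def spanning_tree(links, bridge_id):
    """Simplified STP: equal link costs, connected topology, no timers."""
    adj = adjacency(links)
    root = min(adj, key=bridge_id.get)
    dist, queue = {root: 0}, deque([root])
    while queue:  # hop count from the root bridge
        sw = queue.popleft()
        for nb, _ in adj[sw]:
            if nb not in dist:
                dist[nb] = dist[sw] + 1
                queue.append(nb)
    forwarding = set()
    for sw in adj:
        if sw != root:  # keep one uplink: nearest to root, then lowest bridge ID
            _, idx = min(adj[sw], key=lambda p: (dist[p[0]], bridge_id[p[0]], p[1]))
            forwarding.add(idx)
    active = [l for i, l in enumerate(links) if i in forwarding]
    blocked = [l for i, l in enumerate(links) if i not in forwarding]
    return root, active, blocked

def flood(links, source, max_hops=8):
    """Count copies of one broadcast frame when every switch floods it out
    of all links except the one it arrived on, for at most max_hops hops."""
    adj = adjacency(links)
    frames, copies = [(source, None)], 0
    for _ in range(max_hops):
        frames = [(nb, idx) for sw, ingress in frames
                  for nb, idx in adj.get(sw, []) if idx != ingress]
        copies += len(frames)
        if not frames:
            break
    return copies

if __name__ == "__main__":
    root, active, blocked = spanning_tree(LINKS, BRIDGE_ID)
    print("root:", root, "blocked:", blocked)
    print("copies with loop:", flood(LINKS, "SW1"), "after STP:", flood(active, "SW1"))
```

Ethernet frames carry no hop limit, so in the looped topology the copy count keeps growing with `max_hops`, while on the pruned topology the flood ends after one hop.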
