Securing the Switch for Cisco CCNA 200-125/100-105

By Ross Bagurdes
This course will describe some of the most severe switch security risks and discuss the mechanisms to help mitigate attacks through the well-known vectors.
Play course overview
Course info
Rating
(35)
Level
Intermediate
Updated
Oct 10, 2016
Duration
2h 26m
Table of contents
Course Overview
Course Overview 2m
The Native VLAN
Introduction 1m What Is the Native VLAN? 4m Native VLAN Security Concerns: VLAN Hopping 4m Preventing VLAN Hopping 6m Demo: Examining the Configurations on Switch 1 and 2 4m Demo: Capturing Tagged and Untagged Frames in Wireshark 5m Summary 1m
Dynamic Trunking Protocol (DTP)
Introduction 0m What Is Dynamic Trunking Protocol (DTP)? 9m Demo: Examining the Behavior of an Access Port 3m Demo: Examining the Behavior of an Access Port and a Dynamic Desirable Port 5m Demo: Examining Behavior of an Access Port and a Trunk Port 6m Summary 1m
Switchport Port Security
Introduction 0m The Flooding Attack 5m What Is Switchport Port Security? 9m What Does a Switch Do When It Gets a Bad Frame? 6m Demo: Setting up the Initial Port Security 13m Demo: Examining What Happens When There Are Port Security Violations 8m Demo: How Switches Deal with Violations - Restrict 3m Demo: How Switches Deal with Violations - Protect 3m Demo: Configuring Allowed MAC Addresses on Ports - Static 6m Demo: Configuring Allowed MAC Addresses on Ports - Sticky 5m Summary 1m
Check Your Knowledge
Introduction 1m Demo: Setting up the Initial Secure Configuration on the Switch 9m Demo: Configuring Secure Trunk Links on a Switch 7m Demo: Troubleshooting Native VLAN Issues 7m Demo: Troubleshooting Port Security Issues 9m Summary 1m
Description
Course info
Rating
(35)
Level
Intermediate
Updated
Oct 10, 2016
Duration
2h 26m
Description

Switches are fantastic devices, allowing you to create VLANs, trunks, as well as offer fast and somewhat private communication. However, the basic nature of switch operation, as well as the advent of trunk links, VLAN tags and some backwards compatibility features, created some extra security risks that were not anticipated upon the advent of the technology. In this course, Securing the Switch for Cisco CCNA 200-125/100-10, you will start off by learning about frame double-tagging. Next, you'll move onto the native VLAN security issues and DTP. You'll wrap up the course with a demonstration of creating a secure base configuration for a switch. By the end of this course, you'll know how to put a secure base configuration on a switch, mitigating many layer 2 attacks against Ethernet.

About the author
Ross Bagurdes
About the author

For nearly 20 years, Ross has taught and managed data networks.

More from the author
Multi-Access Edge Computing (MEC): Executive Briefing
Beginner
27m
Jun 20, 2019
5G Networks: Executive Briefing
Beginner
28m
Jun 4, 2019
Wireshark Traffic Analysis: Customizing the Interface, ARP, ICMP, and DNS
Intermediate
3h 18m
Dec 27, 2018
More courses by Ross Bagurdes
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi, everyone! My name is Ross Bagurdes and welcome to my course, Securing the Switch. I am a network engineer with 20 years experience building and managing Enterprise networks and teaching people about them. Switches may or may not have been part of the Ethernet vision when the Ethernet was being developed in the 70s and 80s. However, by the mid to late 1990s, switching became an important piece of data networking and has not stopped growing since. Because of this rapid implementation and growth of Ethernet and switching, there was not always an eye focused on security flaws in switch design, especially in trunk link operation. In this course we're going to cover the native VLAN and the security issues it creates, MAC address flooding of a switch, and switchport Port security which is a mechanism we can use to prevent some security issues. By the end of this course you'll know how to put a secure base configuration on an Ethernet switch, mitigating many layer-2 attacks against Ethernet. Before beginning the course you should be familiar with switching, VLANs, and VLAN trunking. From here you should feel comfortable diving into the rest of the CCNA series. I hope you'll join me on this journey to learn switch security with the Security the Switch course at Pluralsight.

You're the smartest person in the room

PROVE IT

Your team won't just close the skills gap

THEY'LL HURDLE IT