Last Updated on October 29, 2020 by Admin
Which network attack is mitigated by enabling BPDU guard?
- rogue switches on a network
- rogue DHCP servers on a network
- MAC address spoofing
- CAM table overflow attacks
There are several recommended STP stability mechanisms to help mitigate STP manipulation attacks:
- PortFast – used to immediately bring an interface configured as an access or trunk port to the forwarding state from a blocking state. Applied to all end-user ports.
- BPDU guard – immediately error-disables a port that receives a BPDU. Applied to all end-user ports.The receipt of BPDUs may be part of an unauthorized attempt to add a switch to the network.
- Root guard – prevents a switch from becoming the root switch. Applied to all ports where the root switch should not be located.
- Loop guard – detects unidirectional links to prevent alternate or root ports from becoming designated ports. Applied to all ports that are or can become nondesignated.