The built-in port security feature of Cisco switches can help avoid MAC flooding attacks by limiting the number of MAC addresses that can be learned on a port. This prevents the switch from becoming overloaded and entering a state where it forwards traffic to all ports. Other attack types mentioned, such as SYN/FIN DDoS, SQL injection, and ARP poisoning, are not mitigated by port security.
In networking, the built-in port security feature of Cisco switches is designed primarily to control access to a network on a per-port basis and mitigate certain types of network attacks. Among the options provided in the question, port security can effectively help in avoiding 'MAC flooding' attacks.
MAC flooding happens when an attacker exploits the limited memory that a network switch has for storing its MAC address table. The attacker sends a large number of packets with fake source MAC addresses, which fills up the switch's MAC address table. Once the table is full, the switch can no longer learn legitimate MAC addresses and starts flooding network traffic to all ports, thereby potentially allowing the attacker to intercept packets.
When port security is enabled on a Cisco switch, it limits the number of MAC addresses that can be learned on a port. If this limit is exceeded, the switch can be configured to take action, such as dropping packets from invalid MAC addresses or disabling the port entirely, thereby preventing MAC flooding from degrading switch performance or leading to unauthorized access.
Therefore, the correct answer is Option D: MAC flooding.
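The behaviour described above can be checked with a small model. This is an added example, not Cisco code or part of the original answer: the `Switch` class, the table size of 8, the per-port limit of 2 and all MAC addresses are constructed assumptions.

```python
# Toy learning-switch model (constructed for illustration; not Cisco code).
class Switch:
    def __init__(self, ports, cam_size, port_limit=None, violation="shutdown"):
        self.ports = set(ports)
        self.cam = {}                  # MAC address table: MAC -> port
        self.cam_size = cam_size       # assumed table capacity
        self.port_limit = port_limit   # max MACs per port; None = no port security
        self.violation = violation     # "drop" or "shutdown" (disable the port)
        self.disabled = set()
        self.violations = 0

    def _learn(self, port, src):
        """Learn the source MAC; return False if the frame must be dropped."""
        if src in self.cam:
            return True
        on_port = sum(1 for p in self.cam.values() if p == port)
        if self.port_limit is not None and on_port >= self.port_limit:
            self.violations += 1
            if self.violation == "shutdown":
                self.disabled.add(port)
            return False
        if len(self.cam) < self.cam_size:   # a full table learns nothing new
            self.cam[src] = port
        return True

    def receive(self, port, src, dst):
        """Return the set of ports the frame is sent out of."""
        if port in self.disabled or not self._learn(port, src):
            return set()
        if dst in self.cam:
            return {self.cam[dst]}                     # known unicast
        return self.ports - {port} - self.disabled     # unknown: flood

def scenario(port_limit):
    """Host A on port 1, host B on port 2, flooding source on port 3."""
    bcast, a, b = "ff:ff:ff:ff:ff:ff", "aa:aa:aa:00:00:01", "bb:bb:bb:00:00:02"
    sw = Switch(ports=[1, 2, 3], cam_size=8, port_limit=port_limit)
    sw.receive(1, a, bcast)
    for i in range(20):                                # constructed fake sources
        sw.receive(3, f"02:00:00:00:00:{i:02x}", bcast)
    sw.receive(2, b, a)                                # B speaks after the flood
    return sw.receive(1, a, b), sw                     # where does A -> B go?

if __name__ == "__main__":
    for limit in (None, 2):
        out, sw = scenario(limit)
        print(f"limit={limit}: A->B sent to ports {sorted(out)}, "
              f"table={len(sw.cam)}/8, disabled={sorted(sw.disabled)}")
```

Without a limit the table fills, host B is never learned, and the frame from A to B is flooded to port 3 as well; with the limit, port 3 is disabled on the third new address and the frame goes only to port 2.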