Introduction

11.0.1

Why should I take this module?

Welcome to Switch Security Configuration!

An important part of your responsibility as a network professional is to keep the network secure. Most of the time we only think about security attacks coming from outside the network, but threats can come from within the network as well. These threats can range anywhere from an employee innocently adding an Ethernet switch to the corporate network so they can have more ports, to malicious attacks caused by a disgruntled employee. It is your job to keep the network safe and ensuring that business operations continue uncompromised.

How do we keep the network safe and stable? How do we protect it from malicious attacks from within the network? How do we make sure employees are not adding switches, servers and other devices to the network that might compromise network operations?

This module is your introduction to keeping your network secure from within!

11.0.2

What will I learn in this module?

Module Title: Switch Security Configuration

Module Objective: Configure switch security to mitigate LAN attacks.

Table caption
Topic Title Topic Objective
Implement Port Security Implement port security to mitigate MAC address table attacks.
Mitigate VLAN Attacks Explain how to configure DTP and native VLAN to mitigate VLAN attacks.
Mitigate DHCP Attacks Explain how to configure DHCP snooping to mitigate DHCP attacks.
Mitigate ARP Attacks Explain how to configure ARP inspection to mitigate ARP attacks.
Mitigate STP Attacks Explain how to configure PortFast and BPDU Guard to mitigate STP attacks.