I'm sorry but you are wrong, the DHCP snooping will prevent the MAC flooding attacks if you recall when configuring DHCP snooping the untrusted ports ( access links that go to end devices have the command IP dhcp snooping limit-rate ) . Even I do understand the if we get a rouge DHCP server it can SPOOF DG , DNS and do a MITM attack) but 802.1x does take care of that asking users who want access to the network to provide valid credentials .
Wrong, the original answer is correct. DHCP snooping prevents MAC flooding starvation attack, 802.1x verifies endpoint identity and prevents MITM spoofing.
wrong. DHCP snooping stops Rogue servers. Dynamic Arp inspection stops MITM attacks. 802.1x is to authenticate users and they dont get access until they authenticate.
given answer is wirong
correct answers are the following:
* 802.1q double-tagging VLAN-hopping attack = configure the native VLAN with a nondefault VLAN ID
* MAC flooding attack = configure 802.1x authenticate
* man-in-the-middle spoofing attack = configure DHCP snooping
* switch-spoofing VLAN-hopping attack = disable DTP
- We can prevent the MAC Flooding attack with various methods including configuration of IEEE 802.1X suites.
- Man-in-the-Middle Attacks: In this type of attack, someone tries to intercept and modify the communication between two computers. This can be used to steal sensitive information or inject malicious code into communication. DHCP snooping can detect and prevent these kinds of attacks.
given answer is correct, you need to double check yours
MAC flooding attack = configure 802.1x authenticate
think, before 802.1x authenticated, end user already established communication, its not stopping mac flooding.
where having dhcp snooping enabled, a switch validate mac address against "DHCP Binding Table" that builds from trusted communication with dhcp server.
How to prevent the MAC Flooding Attack?
We can prevent the MAC Flooding attack with various methods. The following are some of these methods.
1) Port Security
2) Authentication with AAA server
3) Security measures to prevent ARP Spoofing or IP Spoofing
4) Implement IEEE 802.1X suites
https://www.interserver.net/tips/kb/mac-flooding-prevent/
To prevent MAC flooding attacks, network operators usually rely on the presence of one or more features in their network equipment:
Implementations of IEEE 802.1X suites often allow packet filtering rules to be installed explicitly by an AAA server based on dynamically learned information about clients, including the MAC address.
https://en.wikipedia.org/wiki/MAC_flooding
Here is the mapping of the attack mitigation techniques to the types of attacks:
| Attack Type | Mitigation Technique |
|---|---|---|
| 802.1q double-tagging VLAN-hopping attack | Configure the native VLAN with a non-default VLAN ID |
| MAC flooding attack | Configure DHCP snooping |
| Man in The Middle attack | Configure 802.1X authenticate |
| switch-spoofing VLAN-hopping attack | Disable DTP |
I think the original answer is correct.
Despite the confusion that 802.1x and DHCP Snooping can mitigate MiTM, however 802.1x is generally considered the strongest and recommended feature for this attack as it provides TRUE individual authentication.
https://garykongcybersecurity.medium.com/insecure-802-1x-port-based-authentication-using-eap-md5-c2b298bfc3ab
And about MAC Flooding attack, the best way to mitigate it is with port-security, or with DHCP Snooping feature activated, limiting the reception rate, with commands:
# ip dhcp snooping limit rate 10
#ip arp inspection limit rate 8
and about "802.1q double-tagging VLAN-hopping." If you use the default native Vlan 1 and the network is using the native vlan for another vlan, and there is traffic from native vlans (without tags) through the trunk ports, and the default native vlan would mistakenly receive this traffic from another native vlan (not default) used on the network.
Implementing IEEE 802.1X suites will allow packet filtering rules to be installed explicitly by an AAA server based on dynamically learned information about clients, including the MAC address. These are the methods often used to prevent the MAC Flooding attack.
https://www.interserver.net/tips/kb/mac-flooding-prevent/
How to prevent the MAC Flooding Attack?
We can prevent the MAC Flooding attack with various methods. The following are some of these methods.
1) Port Security
2) Authentication with AAA server
3) Security measures to prevent ARP Spoofing or IP Spoofing
4) Implement IEEE 802.1X suites
2nd & 3rd answer should be swapped, Mac flooding should be prevented by 802.1x implementation
DHCP Snooping and 80.1x Authenticate are placed in the wrong Attacks, Need to be replaces, Admin Please change the Answers
Refer to the links below for further understandings.
https://www.interserver.net/tips/kb/mac-flooding-prevent/?__cf_chl_tk=HBU0WjmLQLFAbu4i57fVpxtcHbOHnpJti.oipqw.CyU-1649211364-0-gaNycGzNCJE
http://solidsystemsllc.com/prevent-man-in-the-middle-attacks/
https://www.rapid7.com/fundamentals/man-in-the-middle-attacks/
Check the source
https://www.interserver.net/tips/kb/mac-flooding-prevent/
Mac flooding is overcome by 802.1X
MITM attack is overcome by DHCP Snooping
Please correct the answers @Admin
Not correct. Right answer is https://itexamanswers.net/question/drag-and-drop-the-attack-mitigation-techniques-from-the-left-onto-the-types-of-attack-that-they-mitigate-on-the-right
The answer posted to the website is wrong. 802.1x is for MAC flooding, and DHCP snooping is for MITM attacks. I just googled them both individually. Plus, that's what two other braindumps that I'm studying have as their correct answer, including the link that sinear posted.
The first and the 4th are correct. 2nd and 3rd answers are wrong and need to be switched. Instead of reading answers on another exam web site, I prefer reading about the topic on sites that actually describe the issue.
upvoted 10 times
...
...
This section is not available anymore. Please use the main Exam Page.200-301 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
martco
Highly Voted 4 years, 2 months agomatass_md
9 months agoaklas
1 year, 4 months ago[Removed]
10 months, 2 weeks agovadiminski
3 years, 11 months agodave1992
3 years, 6 months agoiGlitch
2 years, 10 months agoGere
Highly Voted 4 years, 1 month agoriteshm42
Most Recent 1 month, 3 weeks ago[Removed]
1 year, 1 month agoLse
3 months agoStarlord2535
1 year, 1 month agoStarlord2535
1 year, 1 month agopicho707
1 year, 6 months agodropspablo
1 year, 10 months agojorgenn
2 years, 10 months agokentsing
2 years, 11 months agomsomali
3 years agocybernett
4 years, 1 month agosinear
4 years, 3 months agoLTTAM
4 years, 3 months agoLittleowl
4 years, 2 months agoZerotime0
4 years, 2 months agoJamesDean_YouIdiots
3 years, 11 months agoAli526
4 years, 2 months ago