Attacker generates thousands of forged frames with intent to overwhelm the switch's MAC table. This way the switch can no longer make intelligent forwarding decisions.

What can you enable to prevent this?

a) STP (Spanning Tree Protocol)
b) VLANs (Virtual LANs)
c) Port Security
d) Subnetting

1 Answer

2 votes

Final answer:

To prevent an attacker from overwhelming a switch's MAC table, you can enable Port Security, which restricts the number of valid MAC addresses allowed on a switch port.

Step-by-step explanation:

An attacker generating large amounts of forged frames to overwhelm a switch's MAC table is executing a kind of network attack known as MAC flooding. MAC flooding can cause a switch to enter a fail-open mode, behaving as a hub and broadcasting packets to all ports, which may lead to security vulnerabilities.

To prevent this, you can enable Port Security on the switch. Port Security is a feature on network switches that allows the switch to restrict input to a port to only those MAC addresses that are known to be associated with the port. If the number of MAC addresses on a single port exceeds a specified limit, or if there's traffic from a MAC address not recognized by the switch, the port can be configured to shut down or restrict the offending traffic.

While STP, VLANs, and subnetting serve different purposes in a network, Port Security specifically addresses the issue of MAC table overflow.

by User Kevin Dewalt (7.9k points)
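The answer above describes a per-port limit on learned MAC addresses. As an added illustration (not part of the original answer, and not any vendor's implementation), this simplified Python model of a switch's MAC table shows the table filling up without that limit and staying usable with it; the `Switch` class, the table size of 1024, the limit of 2 and all addresses are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Switch:
    table_size: int                       # MAC table capacity (constructed value)
    max_per_port: Optional[int] = None    # None = port security disabled
    violation: str = "shutdown"           # "shutdown" or "restrict"
    table: dict = field(default_factory=dict)    # learned MAC -> port
    disabled: set = field(default_factory=set)   # ports shut down by a violation
    violations: int = 0

    def learn(self, port, src):
        """Handle a frame's source MAC; return True if the frame is accepted."""
        if port in self.disabled:
            return False
        if self.table.get(src) == port:
            return True                   # already learned on this port
        on_port = sum(1 for p in self.table.values() if p == port)
        if self.max_per_port is not None and on_port >= self.max_per_port:
            self.violations += 1          # unknown MAC beyond the port's limit
            if self.violation == "shutdown":
                self.disabled.add(port)
            return False                  # offending frame is dropped
        if src in self.table or len(self.table) < self.table_size:
            self.table[src] = port        # learn (or move) the address
        return True                       # table full: forwarded but not learned

    def lookup(self, dst):
        """Forwarding decision: the learned port, or 'flood' to every port."""
        return self.table.get(dst, "flood")

HOST = "aa:bb:cc:00:00:02"                # constructed legitimate host on port 2

def simulate(max_per_port=None, violation="shutdown"):
    sw = Switch(table_size=1024, max_per_port=max_per_port, violation=violation)
    # Constructed traffic: 5000 frames with distinct source MACs arrive on port 1,
    for i in range(5000):
        sw.learn(1, f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}")
    sw.learn(2, HOST)                     # then the legitimate host sends a frame
    return sw

if __name__ == "__main__":
    for limit in (None, 2):
        sw = simulate(limit)
        print(limit, len(sw.table), sw.lookup(HOST), sorted(sw.disabled))
```

In the unprotected run the legitimate host cannot be learned, so frames addressed to it are flooded to every port; with the limit, port 1 is disabled at the first violation (or, in "restrict" mode, keeps dropping the excess frames) and the host is forwarded normally.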