CompTIA
SY0-301 · Question #907
SY0-301 Question #907: Real Exam Question with Answer & Explanation
The correct answer is A: Spanning tree. Incorrect cabling between switches creates Layer 2 loops that cause broadcast storms - a DoS condition that Spanning Tree Protocol (STP) is specifically designed to prevent.
Question
A security technician at a small business is worried about the Layer 2 switches in the network suffering from a DoS style attack caused by staff incorrectly cabling network connections between switches. Which of the following will BEST mitigate the risk if implemented on the switches?
Options
- ASpanning tree
- BFlood guards
- CAccess control lists
- DSyn flood
Explanation
Incorrect cabling between switches creates Layer 2 loops that cause broadcast storms - a DoS condition that Spanning Tree Protocol (STP) is specifically designed to prevent.
Common mistakes.
- B. Flood guards protect against MAC address table flooding attacks where an attacker sends frames with spoofed source MACs to overflow the CAM table; they do not address physical cabling loops.
- C. Access control lists (ACLs) filter traffic based on defined rules at Layer 3 or higher and have no mechanism to detect or prevent Layer 2 switching loops.
- D. SYN flood is the name of a denial-of-service attack technique, not a switch mitigation feature.
Concept tested. Spanning Tree Protocol for Layer 2 loop prevention
Reference. https://www.cisco.com/c/en/us/tech/lan-switching/spanning-tree-protocol/index.html
Community Discussion
No community discussion yet for this question.