Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from CCNA Security 210-260 Certification Guide Build your knowledge of network security and pass your CCNA Security exam (210-260)

Product type Paperback

Published in Jun 2018

Publisher Packt

ISBN-13 9781787128873

Length 518 pages

Edition 1st Edition

Tools

Cisco

Concepts

IT Certification

Authors (3):

Glen D. Singh

Vijay Anandh

Michael Vinod

View More author details

Table of Contents (19) Chapters

Preface

1. Exploring Security Threats FREE CHAPTER

2. Delving into Security Toolkits

3. Understanding Security Policies

4. Deep Diving into Cryptography

5. Implementing the AAA Framework

6. Securing the Control and Management Planes

7. Protecting Layer 2 Protocols

8. Protecting the Switch Infrastructure

9. Exploring Firewall Technologies

10. Cisco ASA

11. Advanced ASA Configuration

12. Configuring Zone-Based Firewalls

13. IPSec – The Protocol that Drives VPN

14. Configuring a Site-to-Site VPN

15. Configuring a Remote-Access VPN

16. Working with IPS

17. Application and Endpoint Security

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Layer 2 attack mitigation

All layers of TCP/IP have their own security threats and vulnerabilities. Unfortunately, if the lower layer is hacked, communications are compromised without the other layers being aware of the problem. Everything at Layer 3 and higher is encapsulated into some type of Layer 2 frame. If an attacker can interrupt, copy, redirect, or confuse the Layer 2 forwarding, they can also disrupt the functions of the upper-layer protocols:

For example, an internal attacker who is connected to the network using some port-scanning tools to scan the open ports can gain access to the switch through which they can start accessing the upper-layer devices.

Port scanning is a reconnaissance mechanism that attackers use to scan the ports that are active.

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (3)

Glen D. Singh

Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.

See other products by Glen D. Singh

Anandh

Vijay Anandh is an IT consultant and public speaker specializing in Cisco routing and switching, security, and F5 load balancer technologies. He has 9 years of combined experience as a training consultant and network architect.

See other products by Anandh

Vinod

Michael Vinod is a freelance IT trainer and consultant specializing in Cisco routing, switching, and security technologies. He has expertise in the field of networking, with close to 3 years of field experience and 7 years of experience, as a Cisco training consultant. He has a passion for training individuals on Cisco technologies and has received accolades from various clients.

See other products by Vinod