Exam 200-301 topic 1 question 970 discussion

MAC flooding attack ----> Configure 802.1x MITM spoofing attack (read: rogue DHCP server) -----> Configure DHCP snooping

I think the answers are corect.

Given answers are correct : MITM Attacks: 802.1X enforces mutual authentication to eliminate the potential of man-in-the-middle (MITM) attacks. When the client establishes the connection to the network, the access point triggers a certificate exchange to authenticate its identity. DHCP Snooping alone does not help us limit the rate of MAC addresses learned, but DAI works with DHCP snooping , of course port security would have been a better answer for this to limit the number of MAC addresses learned via one port but in this scenario this is what we have . Double tagging - change native VLAN Vlan Hopping - deactivate DTP

Given answers are correct. Even the next question 971 ask the option that is vulnerable to MIDM attack and answer is telnet and what do you use to avoid the vulnerability? ssh which is authentication.

given answers are incorrect 802.1q double-tagging VLAN-hopping attack = configure the native VLAN with a nondefault VLAN ID MAC flooding attack = configure 802.1x authenticate man-in-the-middle spoofing attack = configure DHCP snooping switch-spoofing VLAN-hopping attack = disable DTP see question number 623 as well

This question is not sane. The model answers are correct, except for the technique to mitigate against MAC flooding attack. Whilst 802.1x is all that's left, this will not work. The correct answer would be to use port security and limit the number of MACs allowed.

Provided answer is correct. https://www.securew2.com/blog/preventing-man-in-the-middle-mitm-attacks-the-ultimate-guide

oatmeal turkey is correct: MITM Attacks - DHCP Snooping MAC Flooding - 802.1X Authentication 802.1Q Double Tagged VLAN Hopping Attacks - Change Native VLAN To non-default VLAN Switch Spoofing VLAN Hopping - Disable DTP (Set Switchport to Nonnegotiate)