CCNA Security – Chapter 6 Case Study
Objectives
• Describe endpoint security.
• Describe endpoint security with Network Admission Control.
• Describe endpoint security with Cisco Security Agent.
• Describe MAC address spoofing attacks, STP manipulation attacks, MAC address overflow attacks, LAN storm attacks, and VLAN attacks.
• Describe specific mitigation techniques for Layer 2 attacks.
• Configure port security, BPDU guard, root guard, storm control, SPAN, and RSPAN.
Scenario
Superior Health Care System Corporation is implementing a plan to put into practice the most secure network environment that is practically possible. However, a secure network environment is only as strong as its weakest link. For this reason, in addition to securing the network edge and implementing authentication and IPS within the environment, it is also important to secure the end devices that reside within the network. Endpoint security includes securing the network infrastructure devices in the LAN as well as the end systems, such as workstations, servers, IP phones, access points, and storage area networking (SAN) devices.
The management at Superior Health Care System Corporation would like to examine additional solutions including endpoint security applications and devices. Some of these solutions include:
• Cisco IronPort security appliances
• Network admission control (NAC)
• Cisco Security Agent (CSA)
© 2009 Cisco Learning Institute
Tasks 6.1
Review the literature about the Cisco IronPort appliances. Use the space below to summarize the services provided by the “C”, “M” and “S” series devices. Include an explanation of the services provided and the capacity of the different models within the series.
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
Tasks 6.2
The Chief Information Officer at Superior Health Care System Corporation has been working with personnel from across the organization to upgrade and implement a new information assurance policy.
Through this process he has become familiar with Network Access Control (NAC) technology that can be used to enforce these policies. Because the organization runs a Cisco network, he wants to become more familiar with the Cisco Network Admission Control products. Please have your team put together a 15-minute presentation on the components and features of the Cisco NAC solution.
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
____________________________________________________________________________________
Tasks 6.3
As part of the endpoint security solution, the Chief Information Officer at Superior Health Care System Corporation would like to be assured that your team understands the Layer 2 threats that exist within the current network infrastructure. More importantly, she wants to be assured that they have taken the steps to mitigate these vulnerabilities. Please use the table below to explain the steps your team will use to mitigate the following well-known Layer 2 vulnerabilities.
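Existing Vulnerabilities        Mitigation Steps
MAC address spoofing            ______________________________________________________
STP manipulation                ______________________________________________________
MAC address table overflows     ______________________________________________________
LAN storms                      ______________________________________________________
VLAN attacks                    ______________________________________________________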