Which of the following is true about CDP?

A. It can be used to discover the network topology

B. It is used to generate a denial of service attack

C. It can be used as part of a MAC address flooding attack

D. It is used to generate a MAC spoofing attack








 

Suggested Answer: A

Cisco Discovery Protocol (CDP) is a Cisco proprietary protocol used by Cisco devices to obtain information about directly connected devices that are also made by Cisco. Since this information includes name, device type and capabilities, IP address, and other identifying information, if these packets are captured they can be used to map the network topology. Since the first step in the hacking process (Discovery, Penetration, and Control) is discovery, this can be a security threat.
CDP is not used to generate a DoS (denial-of-service) attack, which is an attack designed to overwhelm a device with work requests that make it unavailable for its normal jobs.
CDP is not used as part of a MAC address flooding attack. This is performed by a hacker creating packets with unique MAC addresses and flooding the switch's
CAM table with these packets. When the CAM buffer is full, the switch will start sending packets out all interfaces enabling the hacker to capture packets from all switch ports, which is normally not possible on a switch, where each port is its own collision domain. CDP plays no role in this process.
CDP is not used to generate a MAC spoofing attack. This type of attack involves the creation of a packet using the MAC address of a known host in the network for the purpose of redirecting traffic to the hacker's machine instead. CDP plays no role in this process.
Objective:
Layer 2 Technologies -
Sub-Objective:
Configure and verify Layer 2 protocols
References:
Cisco > Catalyst 4500 Series Switch Cisco IOS Software Configuration Guide, 12.2(37)SG > Configuring CDP

This question is in 300-115 Implementing Cisco IP Switched Networks (SWITCH) Exam
For getting Cisco Certified Network Professional (CCNP) Routing and Switching Certificate





Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Cisco.
Trademarks, certification & product names are used for reference only and belong to Cisco.
The website does not contain actual questions and answers from Cisco's Certification Exam.