Are you sure you want to cancel your subscription?

If you cancel, your subscription will remain active through the paid term. You will be able to reactivate the subscription until that date.

Sorry to see you go

Your subscription will remain active until . If you change your mind, you may rectivate your subscription anytime before that date.

Are you sure you want to reactivate?
Welcome Back!

Your subscription has been reactivated and you will continue to be charged on .

Reactivate Subscription

Thank you for choosing to reactivate your subscription. In order to lock in your previous subscription rate, you owe: .

Your Subscription term is from - .

Questions? Call Sales.

Payment Due:

Auto-Renew Subscription

To auto-renew your subscription you need to select or enter your payment method in "Your Account" under Manage Payments.

Click continue to set up your payments.

CBT Nuggets License Agreement

Unless otherwise stated all references to “training videos” or to “videos” includes both individual videos within a series, entire series, series packages, and streaming subscription access to CBT Nuggets content. All references to CBT or CBT Nuggets shall mean CBT Nuggets LLC, a Delaware limited liability company located at 44 Country Club Road, Ste. 150, Eugene, Oregon.

A CBT Nuggets license is defined as a single user license. Accounts may purchase multiple users, and each user is assigned a single license.

  • GRANT OF LICENSE. CBT Nuggets grants you a non-transferable, non-exclusive license to use the training videos contained in this package or streaming subscription access to CBT content (the “Products”), solely for internal use by your business or for your own personal use. You may not copy, reproduce, reverse engineer, translate, port, modify or make derivative works of the Products without the express consent of CBT. You may not rent, disclose, publish, sell, assign, lease, sublicense, market, or transfer the Products or use them in any manner not expressly authorized by this Agreement without the express consent of CBT. You shall not derive or attempt to derive the source code, source files or structure of all or any portion of the Products by reverse engineering, disassembly, decompilation or any other means. You do not receive any, and CBT Nuggets retains all, ownership rights in the Products. The Products are copyrighted and may not be copied, distributed or reproduced in any form, in whole or in part even if modified or merged with other Products. You shall not alter or remove any copyright notice or proprietary legend contained in or on the Products.
  • TERMINATION OF LICENSE. Once any applicable subscription period has concluded, the license granted by this Agreement shall immediately terminate and you shall have no further right to access, review or use in any manner any CBT Nuggets content. CBT reserves the right to terminate your subscription if, at its sole discretion, CBT believes you are in violation of this Agreement. CBT reserves the right to terminate your subscription if, at its sole discretion, CBT believes you have exceeded reasonable usage. In these events no refund will be made of any amounts previously paid to CBT.
  • DISCLAIMER OF WARRANTY AND LIABILITY. The products are provided to you on an “as is” and “with all faults” basis. You assume the entire risk of loss in using the products. The products are complex and may contain some nonconformities, defects or errors. CBT Nuggets does not warrant that the products will meet your needs, “expectations or intended use,” that operations of the products will be error-free or uninterrupted, or that all nonconformities can or will be corrected. CBT Nuggets makes and user receives no warranty, whether express or implied, and all warranties of merchantability, title, and fitness for any particular purpose are expressly excluded. In no event shall CBT Nuggets be liable to you or any third party for any damages, claim or loss incurred (including, without limitation, compensatory, incidental, indirect, special, consequential or exemplary damages, lost profits, lost sales or business, expenditures, investments, or commitments in connection with any business, loss of any goodwill, or damages resulting from lost data or inability to use data) irrespective of whether CBT Nuggets has been informed of, knew of, or should have known of the likelihood of such damages. This limitation applies to all causes of action in the aggregate including without limitation breach of contract, breach of warranty, negligence, strict liability, misrepresentation, and other torts. In no event shall CBT Nuggets’ liability to you or any third party exceed $100.00.
  • REMEDIES. In the event of any breach of the terms of the Agreement CBT reserves the right to seek and recover damages for such breach, including but not limited to damages for copyright infringement and for unauthorized use of CBT content. CBT also reserves the right to seek and obtain injunctive relief in addition to all other remedies at law or in equity.
  • MISCELLANEOUS. This is the exclusive Agreement between CBT Nuggets and you regarding its subject matter. You may not assign any part of this Agreement without CBT Nuggets’ prior written consent. This Agreement shall be governed by the laws of the State of Oregon and venue of any legal proceeding shall be in Lane County, Oregon. In any proceeding to enforce or interpret this Agreement, the prevailing party shall be entitled to recover from the losing party reasonable attorney fees, costs and expenses incurred by the prevailing party before and at any trial, arbitration, bankruptcy or other proceeding and in any appeal or review. You shall pay any sales tax, use tax, excise, duty or any other form of tax relating to the Products or transactions. If any provision of this Agreement is declared invalid or unenforceable, the remaining provisions of this Agreement shall remain in effect. Any notice to CBT under this Agreement shall be delivered by U.S. certified mail, return receipt requested, or by overnight courier to CBT Nuggets at the following address: 44 Club Rd Suite 150, Eugene, OR 97401 or such other address as CBT may designate.

CBT Nuggets reserves the right, in its sole discretion, to change, modify, add, or remove all or part of the License Agreement at any time, with or without notice.

Billing Agreement

  • By entering into a Billing Agreement with CBT Nuggets, you authorize CBT Nuggets to use automatic billing and to charge your credit card on a recurring basis.
  • You agree to pay subscription charges on a monthly basis, under the following terms and conditions:
    • CBT Nuggets will periodically charge your credit card each monthly billing cycle as your subscription charges become due;
    • All payments are non-refundable and charges made to the credit card under this agreement will constitute in effect a "sales receipt" and confirmation that services were rendered and received;
    • To terminate the recurring billing process and/or arrange for an alternative method of payment, you must notify CBT Nuggets at least 24 hours prior to the end of the monthly billing cycle;
    • You will not dispute CBT Nugget’s recurring billing charges with your credit card issuer so long as the amount in question was for periods prior to the receipt and acknowledgement of a written request to cancel your account or cancel individual licenses on your account.
  • You guarantee and warrant that you are the legal cardholder for the credit card associated with the account, and that you are legally authorized to enter into this recurring billing agreement.
  • You agree to indemnify, defend and hold CBT Nuggets harmless, against any liability pursuant to this authorization.
  • You agree that CBT Nuggets is not obligated to verify or confirm the amount for the purpose of processing these types of payments. You acknowledge and agree that Recurring Payments may be variable and scheduled to occur at certain times.
  • If your payment requires a currency conversion by us, the amount of the currency conversion fee will be determined at the time of your payment. You acknowledge that the exchange rate determined at the time of each payment transaction will differ and you agree to the future execution of payments being based on fluctuating exchange rates.

CBT Nuggets reserves the right, in its sole discretion, to change, modify, add, or remove all or part of the Billing Agreement at any time, with or without notice.

Cisco CCNP SWITCH 642-813

Campus Security: STP Attacks and Other Security Considerations

This video is only available to subscribers.
Start your 7-day free trial today.

A free trial includes:

  • Unlimited 24/7 access to our entire IT training video library.
  • Ability to train on the go with our mobile website and iOS/Android apps.
  • Note-taking, bookmarking, speed control, and closed captioning features.

Welcome to Cisco Switch: Watch Me First!

The Switches Domain: Core Concepts and Design

VLANs: Configuration and Verification

VLANs: In-Depth Trunking

VLANs: VLAN Trunking Protocol

STP: Foundation Per-VLAN Spanning Tree Concepts, Part 1

STP: Foundation Per-VLAN Spanning Tree Concepts, Part 2

STP: Rapid Spanning Tree Concepts and Configuration

EtherChannel: Aggregating Redundant Links

L3 Switching: InterVLAN Routing Extraordinaire

L3 Switching: Understanding CEF Optimization

Redundancy in the Campus: HSRP, VRRP, and GLBP Part 1

Redundancy in the Campus: HSRP, VRRP, and GLBP Part 2

Campus Security: Basic Port Security and 802.1x

Campus Security: VLAN and Spoofing Attacks

Campus Security: STP Attacks and Other Security Considerations

00:00:00 - All right. It's time to wrap up the campus security section,
00:00:04 - and actually the whole BCMSN series with a video talking about
00:00:08 - spanning tree protocol attacks and how an intruder can manipulate
00:00:12 - spanning tree to, well, bury your network in a couple of commands.
00:00:17 - Then we'll just wrap things up by looking at switch security
00:00:20 - best practices. Just kind of a bullet list of when you get a
00:00:23 - new switch or you're setting up your existing switch equipment,
00:00:26 - what are some Cisco recommended best practices to deploy them
00:00:29 - in the most secure possible way. I remember when I first started
00:00:34 - teaching in the Cisco arena. I started off with the CCNA class
00:00:37 - because I was only a CCNA. And I was having a great time teaching
00:00:41 - it and was getting to a section on spanning tree and was talking
00:00:45 - about spanning tree and describing what the root bridge is and
00:00:49 - how the root is elected and things like that and how key that
00:00:51 - is. Big part of the network is who is the root bridge and emphasizing
00:00:55 - that to the students. And a student raises their hand and says,
00:00:59 - yeah, Jim, I can't remember his name, and Jim said: Well, if
00:01:05 - the root bridge is so critical, and that's kind of the core of
00:01:09 - the network, right. I said, oh, yeah, core of the network. He
00:01:11 - said what's to keep somebody from bringing in their own switch
00:01:15 - and like setting their priority really low so they become the
00:01:17 - root bridge. And I said: Ah, I don't know. That's a good question.
00:01:24 - And I scratched my head. And I've been teaching for 11 years.
00:01:28 - And that's happened many times. And so that night I'm at home
00:01:31 - looking at books. What's to keep somebody from doing that. And
00:01:35 - the answer is nothing. There is nothing that's keeping somebody
00:01:40 - from bringing a switch into the network and becoming the root
00:01:43 - bridge. Likewise, you could also have somebody maliciously bringing
00:01:48 - in a switch into the network to attach dual cables like this
00:01:53 - to port fast enabled ports which port fast disable spanning tree.
00:01:58 - So by an intruder running one cable to his cubicle jack and then
00:02:02 - running to the neighboring cubicle jack or just the spare jack
00:02:05 - somewhere, he could potentially start a small loop in the network,
00:02:09 - because port fast won't detect the looping packets right away.
00:02:12 - So spanning tree manipulation. How do we stop it? Well, there
00:02:17 - are two major features that are in Cisco switches that will really
00:02:21 - help out. Number one, excuse me, on those port fast ports, any
00:02:27 - port enabled for port fast should also have a feature called
00:02:31 - BPDU guard. Guard, phonetic spelling. G u a r d. BPDU guard.
00:02:34 - What that is is a sensor that if it detects a BPDU immediately
00:02:40 - shuts down the port. Think back to spanning tree. Spanning tree,
00:02:43 - its language that it speaks is BPDU. When somebody is communicating
00:02:50 - to spanning tree, they'll be using BPDUs. So BPDU guard, whenever
00:02:55 - a BPDU is detected
00:02:58 - on any port, it will shut it down. The minute this intruder plugs
00:03:05 - in their switch, chunk, chunk, that port is disabled. It's very
00:03:11 - immediate. As a matter of fact, let me bring up my switch and
00:03:15 - show this to you. I'm plugged into a CAT 3550.
00:03:21 - And I'm going to get under, let's use interface
00:03:25 - fast ethernet 0/1, and the command, it's very simple to turn
00:03:29 - it on. Spanning tree. You just type in BPDU guard, enter. Wait
00:03:35 - a second. Enable. There we go. Enable. And that turns it on on
00:03:39 - the interface. Now, at that point anytime let me show you. I've
00:03:43 - got a cable dangling from this switch on fast Ethernet 0/1. I'm
00:03:46 - going to reach under my desk here, connect it to another switch.
00:03:50 - Watching on the screen. Watch this. Click. Light just went on
00:03:55 - and wham, the port just went down. Did you see how fast that
00:03:57 - was? Because remember one of the first things that happens in
00:04:00 - a rapid spanning tree environment, which is what we're running
00:04:03 - here, is immediately as soon as the electric signal is sent,
00:04:06 - a BPDU is sent out to detect any loops. So right away, receive
00:04:10 - BPDU with BPDU guard enabled, disabling port. I'll type in show
00:04:15 - interface fast Ethernet 0/1
00:04:19 - and you can see that the port has now entered an error disabled
00:04:23 - state. That's also what happens if you violate MAC address security.
00:04:27 - So what we can do is just do a shut and a no shut to power that
00:04:32 - port back on. And let me just do a do command. There we go and
00:04:36 - we've got the not connect now. So we are back in the not connected
00:04:41 - state. So that is the BPDU guard, which, to answer my CC and
00:04:45 - A student's question, I could have said, yeah, BPDU guard will
00:04:48 - do that. But Cisco also created a system for even the good ports.
00:04:53 - I mean, ports that are uplinked to other switches and so on to
00:04:57 - prevent maybe a misconfigured switch from becoming the root.
00:05:02 - Now, let's say instead of this being an intruder switch down
00:05:06 - here, let me just cross that out, we'll just say this is some
00:05:09 - closet switch. It's an access layer switch. I'll put AL switch.
00:05:13 - Now, if we've got our network and we've got the corporate network,
00:05:17 - maybe these are our two core switches. This is the root bridge,
00:05:21 - and this is the back up root, if the primary root bridge goes
00:05:25 - down. Now, we don't ever want this switch to become the root
00:05:30 - bridge, because it's in a closet, and if both core switches are
00:05:35 - down, I would say we've got bigger problems than determining
00:05:37 - who the root bridge is. So what we can do is enable a second
00:05:43 - feature on our Cisco switches. It's called root guard. What it
00:05:47 - does I'll say it again root guard because I think I severed root
00:05:51 - guard. It protects
00:05:53 - what ports valid roots are detected on. That was a horrible way
00:05:59 - of saying that. Let me explain it a little better. This core
00:06:02 - switch is our root. Why is it our root? Because we set it to
00:06:06 - become the root. Now, by default every other port that is connected
00:06:10 - to another switch has the potential to be elected as the root.
00:06:15 - This became the root because we set the priority lower. But if
00:06:18 - the priority on this one went lower, then this one would become
00:06:21 - the root. But what I can do is on my root bridge, the one that
00:06:25 - is currently elected the root, I can set root guard on any port
00:06:30 - connected to a switch that is not supposed to become the root.
00:06:35 - Now, obviously this port would not be one that I want to enable
00:06:38 - root guard on, because if this switch went down in some way,
00:06:41 - I would want this one to take over and become the root. So that's
00:06:45 - a valid place to not have root guard. However, this port right
00:06:49 - here and this port right here are two places where I would want
00:06:53 - the root guard feature to be on. Now, this feature is somewhat
00:07:00 - timing based I guess this is the best way I can say it. Meaning
00:07:04 - you need to set it up after you have the root elected. For example,
00:07:08 - if I've got a new switch in my network, we'll say this guy my
00:07:15 - access layer switch that I'm installing, and for whatever reason
00:07:18 - I turn on root guard on this port and then connect it to the
00:07:21 - network, well, this switch being powered on thinks it's the root.
00:07:25 - Because until it communicates with the rest of the network it's
00:07:27 - going to say, well, I'm the root of the network. And no one because
00:07:32 - I don't see anyone else. But as soon as I plug these cables in
00:07:35 - right here, if I've turned on root guard on this switch, it's
00:07:39 - going to say whoa, there's another switch that's trying to become
00:07:42 - the root. Dangerous, let's go ahead and shut down that port.
00:07:44 - Oh, another switch is trying to become the root. Dangerous, let's
00:07:46 - shut down that port. You can see root guard is one of those things
00:07:50 - you only turn on on the root switch itself. And perhaps the back
00:07:54 - up root if you have a network big enough to become one. So let
00:07:58 - me show you how to do that. I'll bring it back up here. It's
00:08:01 - one command. We don't need to set up a full topology to explain
00:08:04 - it. I'm going to type in spanning tree, guard, root,
00:08:10 - enter. Kind of reverse English. Spanning tree guard root. At
00:08:14 - that point fast Ethernet 0/1 is enabled for root guard, which
00:08:19 - means there will never be a switch that connects to fast Ethernet
00:08:24 - 0/1 that can become the root because this switch I'm on right
00:08:28 - now is the root and it will not be pre empted by any switch connecting
00:08:32 - to fast Ethernet 0/1. Now, one term you should know I'm not going
00:08:37 - to set up the full topology because it's just so simple of an
00:08:40 - explanation but when
00:08:44 - if this port comes in and tries to become the root. We just enabled
00:08:49 - this one for root guard, and this one says, hey, I want to be
00:08:51 - the root, it will disable this port but instead of putting it
00:08:55 - into an error disable state it will actually label it as an inconsistent
00:09:01 - port. So that's just a term to know off the top of your head.
00:09:04 - If you see inconsistent ports, it is because it is a port that
00:09:08 - you turned on root guard for and said we cannot have a root on
00:09:11 - here and someone came in and said I want to be the root. So root
00:09:14 - guard says that's inconsistent. Let's disable the port. Well,
00:09:18 - let's wrap things up by looking at the Cisco best practices for
00:09:23 - Cisco switches. Just rules of thumb that you should keep in mind
00:09:26 - on any new switch you deploy. Number one is to disable CDP wherever
00:09:31 - possible. Now, that used to be something where I could easily
00:09:35 - say, oh, yeah, just turn off CDP on any new device. However,
00:09:39 - there are becoming more and more things that use CDP as a viable
00:09:44 - function rather than just discovering other devices. For example,
00:09:47 - IP phones need CDP for quality of service, and VLAN assignment.
00:09:52 - So it's no longer just possible to disable CDP on an entire switch.
00:09:57 - But you can turn off CDP on a port by port basis on ports that
00:10:01 - aren't going to use it. Every packet that CDP sends is in clear
00:10:06 - text. And it contains pretty essential information about the
00:10:09 - switch, like what port they're coming into. IOS image. The IP
00:10:13 - address of the switch, and anybody with a packet sniffer can
00:10:15 - get it. So on a switch you can either from global config mode
00:10:20 - type in no CDP run. That turns it off everywhere. But as I mentioned
00:10:24 - it's not possible to do that in many cases. So we could go under
00:10:28 - an interface and just type in no CDP enable, and that turns it
00:10:31 - off on a port by port basis.
00:10:34 - Now, second one is to lock down spanning tree. Just like I was
00:10:38 - mentioning on the previous slide, putting BPDU guard on every
00:10:42 - port you have port fast on it can be very handy to do that. I
00:10:47 - don't know if I showed you this. I think I showed you this. But
00:10:51 - under an interface you can type in switch port. Oh, what is it?
00:10:56 - Mode? Oh. No. Right there. Switch port host. Did I tell you about
00:11:02 - that one? Switch port host automatically turns it on to an access
00:11:08 - port. Sets the access port. Turns on port fast and disables any
00:11:13 - Ethernet channel capabilities for the port all in one scoop.
00:11:17 - So that is a handy command to do all of those things. But at
00:11:21 - the same time you still need to add BPDU guard to it. I don't
00:11:24 - know why that just popped into my head. That's just my handy
00:11:26 - command for the day, I think. Third, disable trunk negotiation
00:11:31 - on access ports. Under every single port, either type in switch
00:11:34 - port host or switchboard mode access to make sure it's hard coded
00:11:39 - as an access port and it will not become a trunk. That causes
00:11:42 - VLAN hopping. Physical security is key. That almost goes without
00:11:47 - saying, but I know a lot of the IDFs and wiring closets that
00:11:51 - I've seen have sometimes been left out in the open, just found
00:11:54 - a free corner. And sometimes that's all you can do because of
00:11:58 - the building that you're in; but if you can get these switches
00:12:02 - behind locked doors, that really helps increase your security
00:12:06 - in a big way. Somebody can just touch the switch. There's a huge
00:12:08 - security vulnerability.
00:12:11 - Fifth, place unused ports in a black hole VLAN. A black hole
00:12:17 - is actually a name I came up with because whenever I create this
00:12:20 - VLAN on a switch, I name it black hole. Just any unused port.
00:12:24 - Something that doesn't have anything plugged into it at the time
00:12:28 - I put into this VLAN. Now, there's no routing for that VLAN.
00:12:32 - There's no DHTP server, there's no VLAN interface for it. It's
00:12:36 - just an empty VLAN. So if somebody does plug into an unused port,
00:12:40 - they'll get connectivity, meaning their jack will light up as
00:12:45 - if there's an electric signal there, but nothing more. A self
00:12:48 - assigned IP address is all about they'll get and they're in the
00:12:51 - black hole. So that helps minimize who is using unused ports
00:12:56 - in your network. Easy enough by the way, it's easy enough to
00:12:58 - do that. All you have to do is just do a show IP interface brief
00:13:02 - and document every port that is down during a typical business
00:13:07 - day minus the SIG people you'll be able to quickly tell which
00:13:10 - ports are in use and are not in use. Finally, last one is six,
00:13:16 - use SSH whenever possible. Just about every Cisco switch with
00:13:20 - a modern image can support
00:13:24 - SSH. Actually, I think this one
00:13:27 - does not. Let me do a transport input question mark. Now, see
00:13:31 - that's why I said whenever possible. This switch right here only
00:13:35 - supports telenet, but I'm almost positive that my other
00:13:41 - key switch here let me bring that into the picture,
00:13:45 - line VTY 04 transport input. There it is. SSH. Every image that
00:13:52 - Cisco ships nowadays is running SSH. You don't have to get a
00:13:56 - security image anymore to get SSH. Because telenet is, as you
00:14:01 - can imagine, very vulnerable. Everything is in clear text. So
00:14:04 - use SSH to manage your devices.
00:14:08 - Well, let's wrap things up for the last time. We have talked
00:14:12 - about spanning tree protocol attacks and ways to prevent them
00:14:15 - or just a misconfiguration in your network and ways to keep it
00:14:18 - from destroying it by using BPDU guard and root guard. Finally,
00:14:24 - we just talked about Cisco's best practices for every switch
00:14:27 - across your organization.
00:14:29 - At this point in the series, we're at the end, and I know you
00:14:34 - are feeling much more confident with your switching capability
00:14:37 - than you did before you started this series. And I hope that
00:14:41 - this information will be valuable to you whether you're using
00:14:44 - it to study for a certification exam and get your CCNP or whether
00:14:48 - you're using it for practical application and going back to the
00:14:51 - office and actually implementing a bunch of the stuff that we
00:14:54 - talked about. But whatever the application, I wish you well,
00:14:58 - and I hope to see you again soon. And, of course, last but not
00:15:02 - least, I hope this has been informative for you, and I'd like
00:15:06 - to thank you for viewing.

Campus VoIP: Overview, Considerations, and AutoQoS

Wireless LAN: Foundation Concepts and Design Part 1

Wireless LAN: Foundation Concepts and Design Part 2

Wireless LAN: Frequencies and 802.11 Standards

Wireless LAN: Understanding the Hardware

The Switches Domain: Additional Life-Saving Technology

Monitoring: Your Pulse on the Network

Campus Security: VACLs

This forum is for community use – trainers will not participate in conversations. Share your thoughts on training content and engage with other members of the CBT Nuggets community. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Community Standards

We encourage you to share your wisdom, opinions, and questions with the CBT Nuggets community. To keep things civil, we have established the following policy.

We reserve the right not to post comments that:
contain obscene, indecent, or profane language; contain threats or defamatory statements; contain personal attacks; contain hate speech directed at race, color, sex, sexual orientation, national origin, ethnicity, age, religion, or disability; contributes to a hostile atmosphere; or promotes or endorses services or products. Non-commercial links, if relevant to the topic, are acceptable. Comments are not moderated, however, all comments will automatically be filtered for content that might violate our comment policies. If your comment is flagged by our filter, it will not be published.

We will be continually monitoring published comments and any content that violates our policies will be removed. Users who repeatedly violate our comments policy may be prohibited from commenting.

Course Features

Speed Control

Play videos at a faster or slower pace.


Pick up where you left off watching a video.


Jot down information to refer back to at a later time.

Closed Captions

Follow what the trainers are saying with ease.

MP3 Downloads

Listen to videos anytime, anywhere

Annual Course Features

Transcender Practice Exams

These practice tests help you review your knowledge and prepare you for exams.
Available only with the annual subscription.
Jeremy Cioara

Jeremy Cioara

CBT Nuggets Trainer

Cisco CCNA, CCDA, CCNA Security, CCNA Voice, CCNP, CCSP, CCVP, CCDP, CCIE R&S; Amazon Web Services CSA; Microsoft MCP, MCSE, Novell CNA, CNE; CompTIA A+, Network+, iNet+

Area Of Expertise:
Cisco network administration and development. Author or coauthor of numerous books, including: CCNA Voice 640-461 Official Cert Guide; CCNA Voice Official Exam Certification Guide (640-460 IIUC); CCENT Exam Prep (Exam 640-822); CCNA Exam Cram (Exam 640-802) 3rd Edition; and CCNA Voice 640-461 Official Cert Guide.

Add training to a playlist
or create a new list
Add to current playlist
or add to an existing list
Add to new playlist
Add New Bookmark

Campus Security: STP Attacks and Other Security Considerations
Bookmark Title:

Login is required to access this feature.

Your browser cannot access Virtual Labs
Video Options

This advanced buffering is applied to all streams regardless if you installed the doublespeed control or not. Sometimes the advanced buffering causes the video to hang or behave erratically. If you are experienceing issues with video playback please disable the doublespeed buffer.

Remember to re-enable the buffer if you want to use the doublespeed control.

If you are experiencing problems with our content delivery, please click here to switch to our alternate content delivery network or go to our network FAQ.
For other common video playback issues, including firewall and corporate network issues, please visit our Tech Support forum.