Step 4: Verify the trunking configuration on port Fa0/1.
Step 5: Enable storm control for broadcasts.
Enable storm control for broadcasts on the trunk port with a 50 percent rising suppression level using the
Step 6: Verify the configuration with the show run command.
Task 7: Secure Access Ports (Chapter 6)
By manipulating the STP root bridge parameters, network attackers hope to spoof his or her system as the
root bridge in the topology. Alternatively, they can spoof a rogue switch that they added to the network as
root bridge. If a port that is configured with PortFast receives a BPDU, STP can put the port into the
state by using a feature called BPDU guard.
Step 1: Disable trunking on S1, S2, and S3 access ports.
On S1, configure ports Fa0/5 and F0/6 as access mode only.
On S2, configure Fa0/18 as access mode only.
On S3, configure ports Fa0/5 and Fa0/18 as access mode only.
Task 8: Protect Against STP Attacks (Chapter 6)
The topology has only two switches and no redundant paths, but STP is still active. In this step, you
some switch security features that can help reduce the possibility of an attacker manipulating
Step 1: Enable PortFast on S1, S2, and S3 access ports.
PortFast is configured on access ports that connect to a single workstation or server to enable them to
become active more quickly.
Enable PortFast on the S1 Fa0/5 and Fa0/6 access ports.