how to prepare for ccna book

how to prepare for ccna book.A man-in-the-middle attack is when an attacker places himself or herself between two devices that are communicating with the intention of stealing or manipulating the data sent (II sent between them. Man-in-the-middle attacks can be launched either at layer 2 or layer 3. The main goal of a man-in-the-middle attack is to steal data, since the attacker can see all traffic.When launching a man-in-the-middle attack at Layer 2, the attacker performs Layer 2 MAC address spoofing, causing devices within the LAN to believe that the Layer 2 address of the attacking host is the Layer 2 address of the local default gateway. This is also known as "ARP poisoning." As a result, the switch forwards frames that should be forwarded to the default gateway to the Layer 2 address of the attacking host within the same network. A "conscientious" attacker will also continue to forward the frames to the correct destination node, allowing the originating host to establish the required connectivity. However, the attacker474 Chapter 13 Types of Attacks and Vulnerabilitiesalready has a "full view" of all the data being transmitted between the source and destination hosts. To reduce the risk of a man-in-the-middle attack, turn on the switch.To reduce the risk of man-in-the-middle attacks, features such as Dynamic ARP Inspection (DAI) can be enabled on the switch to prevent Layer 2 address spoofing. An attacker can also place a switch into the network and then manipulate Spanning Tree Protocol (STP) to make it the root switchto launch a man-in-the-middle attack (thereby gaining a "full view" of all traffic passing through the "root" switch).Man-in-the-middle attacks can also be launched at Layer 3 by first placing a rogue router in the network and then making other routers believe that the new router has the best route to the destination network. This causes traffic destined for the corresponding destination network to traverse that rogue router, and the attacker can take advantage of the opportunity to steal network data. There are various ways to mitigate a man-in-the-middle Layer 3 attack, for example, by turning on authentication for routing protocols or by not allowing certain routers' interfaces to advertise or learn routing information.Breaching a victim's computer and installing malware on it that can intercept packets sent by the victim and forward them to the attackingIt is also a man-in-the-middle attack. If the victim has enabled SSL/TLS/ HTTPS or any other encrypted traffic transportIf the victim has enabled SSL/TLS/ HTTPS or any other encrypted traffic transport mechanism, such malware can also capture packets before they are encrypted for transmission.