Manually configuring trunking on required interfaces and disabling unused ports prevents attackers from abusing dynamic trunk negotiations. Dynamic trunk protocols can make it easier to negotiate unauthorized trunk connections. An access list filtering only management traffic does not solve potential double-tag injection. Allowing a native VLAN on all ports can make it simpler for attackers to exploit any untagged data paths.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a trunk in networking?
Open an interactive chat with Bash
Why is disabling unused ports important for network security?
Open an interactive chat with Bash
What are dynamic trunk protocols, and why can they be a security risk?