Home > Articles > Certification > Cisco Certification

CCNA Security Portable Command Guide: Network Foundation Protection

  • Print
  • + Share This
This chapter lists some common threats against network infrastructures and goes on to discuss the Cisco Network Foundation Protection Framework, Control Plane Security, Management Plane Security, and Data Plane Security.
This chapter is from the book

The chapter covers the following topics:

Threats Against the Network Infrastructure

Cisco Network Foundation Protection Framework

Control Plane Security

  • Control Plane Policing

Management Plane Security

  • Role-Based Access Control
  • Secure Management and Reporting

Data Plane Security

  • ACLs
  • Antispoofing
  • Layer 2 Data Plane Protection

Threats Against the Network Infrastructure

Common vulnerabilities and threats against a network infrastructure include the following:


  • Design errors
  • Protocol weaknesses
  • Software vulnerabilities
  • Device misconfiguration


  • Trust exploitation
  • Login, authentication, and password attacks
  • Routing protocol exploits
  • Spoofing
  • Denial of service (DoS)
  • Confidentiality and integrity attacks

The impact of those threats and vulnerabilities includes the following:


  • Exposed management credentials
  • High CPU usage
  • Loss of protocol keepalives and updates
  • Route flaps and major network transitions
  • Slow or unresponsive management sessions
  • Indiscriminate packet drops
  • + Share This
  • 🔖 Save To Your Account