To prevent an attacker from enumerating Cisco router model, OS version, and capabilities, which feature should be disabled?

Enhance your knowledge as a Computer Hacking Forensic Investigator with the CHFI v11 Test. Use flashcards and multiple-choice questions, complete with hints and detailed explanations, to prepare effectively and ace your exam!

Multiple Choice

Explanation:
CDP (Cisco Discovery Protocol) is a Layer 2 discovery protocol that Cisco devices use to advertise their identity and capabilities to directly connected neighbors. When CDP is enabled, a router can reveal its model, IOS version, hardware capabilities, and even interface information. An attacker on the same local network could hear these CDP advertisements and quickly learn what devices are present and what software versions they're running, making it easier to plan targeted attacks. Disabling CDP stops these advertisements and reduces the amount of device metadata exposed to others on the network. On Cisco devices, you typically disable it globally with "no cdp run" in global configuration, or on specific interfaces with "no cdp enable" in interface configuration to limit exposure. If you're in a mixed environment, consider using LLDP instead for legitimate discovery, but keep CDP disabled on untrusted segments to prevent enumeration.
