VTP Bombing: Understanding the Threat | Cisco Exam 400-151

VTP Bombing

Question

Which statement about VTP bombing is true?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Explanation.

VTP bombing is a network issue that can occur in a VLAN Trunking Protocol (VTP) domain. VTP is a Cisco proprietary protocol that allows switches to exchange VLAN information over a trunk link. This information includes VLAN IDs, names, and parameters. VTP bombing is a rare but serious problem that can cause disruption to network services.

The correct answer to the question is D. It occurs when a server with a higher revision number and a wrong VTP database is inserted into the VTP domain. This situation may occur when a new switch plugged into a stable VTP domain. The incorrect database is propagated to the domain, and the earlier stable database is overwritten.

VTP operates in one of three modes: server, client, or transparent. The server mode allows switches to create, modify, and delete VLANs and share this information with other switches in the VTP domain. The client mode receives VLAN information from servers but cannot create or modify VLANs. The transparent mode forwards VTP information but does not participate in the VTP domain.

Each time a VTP server makes a change to the VLAN information, it increments a revision number. When a VTP server with a higher revision number is added to a VTP domain, it overwrites the existing VLAN information with its own database. If this new server has an incorrect VLAN database, it can propagate the incorrect information to other switches in the domain, causing a VTP bombing.

VTP bombing can be prevented by taking several precautions. First, configure VTP domains with a unique name to avoid potential conflicts with other VTP domains. Second, configure VTP passwords to prevent unauthorized access to VTP domains. Third, use caution when adding new switches to the VTP domain, especially if they have a higher revision number than existing switches. Finally, consider using VTP version 3, which has enhanced security features to prevent VTP bombing.