An on-path attack, also known as a man-in-the-middle, MiTM attack allows the attacker to impersonate both parties involved in a network conversation.

The principle of least privilege dictates that a user be given the least permission to perform their job.

Authentication is the process of verification of a user's identify.

Double-tagging in an attack that can be sued against the native VLAN. The attacker will tage the natvie VLAN on a fram and then tag another inside that fram for the VLAN that the attacker intends to compromise.

Secure Shell (SSH) negotiates encryption when a connection is made.

Remote Authentication Dial-In User Service (RADIUS) was originally proposed by the IETF and because an open standard for authentication, often used with 802.1X.