This document discusses common layer 2 security issues for small and medium enterprises and recommendations for mitigating them. It covers attacks such as MAC table overflow, DHCP attacks, ARP spoofing, spanning tree attacks, CDP attacks, VLAN hopping, and Power over Ethernet attacks. It recommends countermeasures including port security, DHCP snooping, dynamic ARP inspection, BPDU guard, root guard, IP source guard, storm control, rate limiting, priority policing, secure shell, configuration file security, and VLAN access control lists configured on switches.