The risks and threats of cybersecurity are always present. Network and Internet infrastructure are increasingly vulnerable to a wide variety of physical and cyber attacks. Sophisticated cyber criminals, as well as nations, exploit these vulnerabilities to steal information and money. Consent with the above, was carried out in the private security company Security 2000 of Colombia Ltda., The evaluation and diagnosis of the layer 2 switches that are currently installed and configured, according to the fiscal topology, in the layer of access of the LAN network and its ethernet connection to detect in these components, the vulnerabilities that may exist to propose the corresponding controls considering the ISO / IEC 27002: 2013 standard.