Hi Carl,
I would say that these topics are certainly worth looking at:
- Port security
- Storm control
- 802.1X
- DHCP Snooping
- Dynamic ARP Inspection
- IP Source Guard
- Private VLANs
- VLAN access maps (VACLs) and Port-based ACLs (PACLs)
- Preventing VTP, DTP, STP attacks (switchport nonegotiate, VTP passwords, various STP guards)
- Preventing VLAN hopping attacks (tagging or avoiding use of native VLAN)
I am not saying with certainty that these topics are what constitutes the topic you are asking about, but from what I know, the SWITCH certification exam has not changed significantly from its previous BCMSN counterpart so these topics shall be compliant and at least partially covering the "security extensions of a layer-2 solution" - phew, who invented such a meaningless topic description, anyway?
Best regards,
Peter