Teaching offensive techniques is a necessary component of a computer security education and yields better security professionals than teaching defensive techniques alone. In this paper, we describe a case study of the implementation of comprehensive hands-on lab exercises that are essential to security education. The first hands-on lab exercise is about how to perform a Denial of Service (DoS) attack based on the poisoning of the CAM tables (Content Access Memory) of Local Area Network (LAN) switches. The second exercise is about how to prevent CAM table poisoning attack. The hands-on labs confirmed further the ethical and legal concerns regarding the teaching of offensive techniques in the academic environment. In fact, the number of injected malicious traffic targeting the university switches' CAM tables, increased considerably each time the students experiment the DoS attack. That is why every course in IT security should be accompanied by a basic discussion of legal implications and ethics.