1. A threat actor changes the MAC address of the threat actor’s device to the MAC address of the default gateway. What type of attack is this?
- Address spoofing
- ARP spoofing
- CDP reconnaissance
- DHCP starvation
- STP attack
- VLAN hopping
Explanation: Address spoofing attacks occur when the threat actor changes the MAC and/or IP address of the threat actor’s device to pose as another legitimate device, such as the default gateway.
2. A threat actor sends a BPDU message with priority 0. What type of attack is this?
- Address spoofing
- ARP spoofing
- CDP reconnaissance
- DHCP starvation
- STP attack
- VLAN hopping
Explanation: A threat actor sending BPDU messages with a priority of 0 is trying to becoming the root bridge in the STP topology.
3. A threat actor leases all the available IP addresses on a subnet. What type of attack is this?
- Address spoofing
- ARP spoofing
- CDP reconnaissance
- DHCP starvation
- STP attack
- VLAN hopping
Explanation: DHCP starvation attacks occur when a threat actor requests and receives all the available IP address for a subnet.
4. A threat actor sends a message that causes all other devices to believe the MAC address of the threat actor’s device is the default gateway. What type of attack is this?
- Address spoofing
- ARP spoofing
- CDP reconnaissance
- DHCP starvation
- STP attack
- VLAN hopping
Explanation: A threat actor can send a gratuitous ARP reply causing all devices to believe that the threat actor’s device is a legitimate device, such as the default gateway.
5. A threat actor configures a host with the 802.1Q protocol and forms a trunk with the connected switch. What type of attack is this?
- Address spoofing
- ARP spoofing
- CDP reconnaissance
- DHCP starvation
- STP attack
- VLAN hopping
Explanation: A threat actor can effectively hop VLANs if the threat actor’s device belongs to the native VLAN and trunks with the switch.
6. A threat actor discovers the IOS version and IP addresses of the local switch. What type of attack is this?
- Address spoofing
- ARP spoofing
- CDP reconnaissance
- DHCP starvation
- STP attack
- VLAN hopping
Explanation: A threat actor can use packet sniffing software, such as Wireshark, to view the contents of CDP messages, which are sent unencrypted and include a variety of device information including the IOS version and IP addresses.