10.5.11 Check Your Understanding – LAN Attacks Answers

1. A threat actor changes the MAC address of the threat actor’s device to the MAC address of the default gateway. What type of attack is this?

  • Address spoofing
  • ARP spoofing
  • CDP reconnaissance
  • DHCP starvation
  • STP attack
  • VLAN hopping

Explanation: Address spoofing attacks occur when the threat actor changes the MAC and/or IP address of the threat actor’s device to pose as another legitimate device, such as the default gateway.

2. A threat actor sends a BPDU message with priority 0. What type of attack is this?

  • Address spoofing
  • ARP spoofing
  • CDP reconnaissance
  • DHCP starvation
  • STP attack
  • VLAN hopping

Explanation: A threat actor sending BPDU messages with a priority of 0 is trying to becoming the root bridge in the STP topology.

3. A threat actor leases all the available IP addresses on a subnet. What type of attack is this?

  • Address spoofing
  • ARP spoofing
  • CDP reconnaissance
  • DHCP starvation
  • STP attack
  • VLAN hopping

Explanation: DHCP starvation attacks occur when a threat actor requests and receives all the available IP address for a subnet.

4. A threat actor sends a message that causes all other devices to believe the MAC address of the threat actor’s device is the default gateway. What type of attack is this?

  • Address spoofing
  • ARP spoofing
  • CDP reconnaissance
  • DHCP starvation
  • STP attack
  • VLAN hopping

Explanation: A threat actor can send a gratuitous ARP reply causing all devices to believe that the threat actor’s device is a legitimate device, such as the default gateway.

5. A threat actor configures a host with the 802.1Q protocol and forms a trunk with the connected switch. What type of attack is this?

  • Address spoofing
  • ARP spoofing
  • CDP reconnaissance
  • DHCP starvation
  • STP attack
  • VLAN hopping

Explanation: A threat actor can effectively hop VLANs if the threat actor’s device belongs to the native VLAN and trunks with the switch.

6. A threat actor discovers the IOS version and IP addresses of the local switch. What type of attack is this?

  • Address spoofing
  • ARP spoofing
  • CDP reconnaissance
  • DHCP starvation
  • STP attack
  • VLAN hopping

Explanation: A threat actor can use packet sniffing software, such as Wireshark, to view the contents of CDP messages, which are sent unencrypted and include a variety of device information including the IOS version and IP addresses.


guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x