Which is an example of a CDP reconnaissance attack?
- A threat actor changes the MAC address of the threat actor’s device to the MAC address of the default gateway.
- A threat actor configures a host with the 802.1Q protocol and forms a trunk with the connected switch.
- A threat actor discovers the IOS version and IP addresses of the local switch.
- A threat actor leases all the available IP addresses on a subnet to deny legitimate clients DHCP resources.
- A threat actor sends a BPDU message with priority 0.
- A threat actor sends a message that causes all other devices to believe the MAC address of the threat actor’s device is the default gateway.
Explanation: A threat actor can use packet sniffing software, such as Wireshark, to view the contents of CDP messages, which are sent unencrypted and carry a variety of device information, including the IOS version and IP addresses. CDP and LLDP should not be enabled on edge devices and should be disabled globally or on a per-interface basis if not required.
Exam with this question: 10.6.2 Module Quiz - LAN Security Concepts