how is the attacker able to gather information?

seenagapeOctober 29, 2014

When an attacker is using switch spoofing to perform VLAN hopping, how is the attacker able to
gather information?

PrepAway - Latest Free Exam Questions & Answers

A.
The attacking station uses DTP to negotiate trunking with a switch port and captures all traffic
that is allowed on the trunk.

B.
The attacking station tags itself with all usable VLANs to capture data that is passed through
the switch, regardless of the VLAN to which the data belongs.

C.
The attacking station generates frames with two 802.1Q headers to cause the switch to forward
the frames to a VLAN that would be inaccessible to the attacker through legitimate means.

D.
The attacking station uses VTP to collect VLAN information that is sent out and then tags itself
with the domain information to capture the data.

Explanation:
DTP should be disabled for all user ports on a switch. If the port is left with DTP auto configured
(default on many switches), an attacker can connect and arbitrarily cause the port to start trunking
and therefore pass all VLAN information.
Reference:
http://www.cisco.com/en/US/solutions/ns340/ns517/ns224/ns376/net_design_guidance0900aecd8
00ebd1e.pdf

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

Cisco Exam Questions

Free Cisco Study Guide

how is the attacker able to gather information?

Leave a Reply Cancel reply