Harold is the senior security analyst for a small state agency in New York. He has no other
security professionals that work under him, so he has to do all the security-related tasks for the
agency. Coming from a computer hardware background, Harold does not have a lot of experience
with security methodologies and technologies, but he was the only one who applied for the
position. Harold is currently trying to run a Sniffer on the agency’s network to get an idea of what
kind of traffic is being passed around, but the program he is using does not seem to be capturing
anything. He pours through the Sniffer’s manual, but cannot find anything that directly relates to
his problem. Harold decides to ask the network administrator if he has any thoughts on the
problem. Harold is told that the Sniffer was not working because the agency’s network is a
switched network, which cannot be sniffed by some programs without some tweaking. What
technique could Harold use to sniff his agency’s switched network?
A.
ARP spoof the default gateway
B.
Conduct MiTM against the switch
C.
Launch smurf attack against the switch
D.
Flood the switch with ICMP packets
A
D – Harold needs to force the switch to function as a hub by flooding it.
force the switch to function as a hub, it is when you flood the ARP table.
yes you need to flood it, but not with ICMP.. ARP spoofing/flooding
A – ARP Spoofing the MAC Address of the Switch will have all packets routed through the attacker device, allowing all data to be sniffed and forwarded onto the Switch