While performing surveillance activities an attacker determines that an organization is using 802.1X to secure LAN access. Which of the following attack
mechanisms can the attacker utilize to bypass the identified network security controls?
A.
MAC spoofing
B.
Pharming
C.
Xmas attack
D.
ARP poisoning
Attacker is insider or outsider. MAC spoofing is done in switches(inside) and ARP poisoning at the router level(outside)!! Assuming attacker uses surveilance, so he is outsider. So correct answer is D
0
0
ARP Spoofing(poisoning) – The attack can only be used on networks that use the Address Resolution Protocol, and is limited to local network segments
0
0
For me, ARP spoofing is an insider attack: ARP requests and replies don’t go out of the local network. So, this is not suitable. MAC spoofing is also not possible, because 802.1x is much stronger than simple MAC address filtering and authenticates the device with a Radius server. It’s an odd question…
1
0
That is very funny because 802.1x is one of the techniques that can prevent ARP poisoning and Mac Spoofing
If I want to choose between these two which both are not right I would go with D
By the way I hate CompTIA
1
0
ARP poisoning An attack that exploits Ethernet networks, and it may enable an attacker
to sniff frames of information, modify that information, or stop it from getting to
its intended destination.
MAC spoofing is when an attacker
disguises the MAC address of their network adapter with another number.The MAC address is the best way because it is unique and is the hardest to
modify or spoof. IP addresses are often dynamically assigned on networks and
are easily modified. Computer names (which are effectively NetBIOS names)
can easily be changed as well.
I chose A…
1
0
MAC spoofing—An attack that changes the source MAC address.
I choose A
1
1
Maybe it’s looking for MAB here? If some devices do not support 802.1X and MAB is enabled then MAC spoofing would work.
When MAB is configured on a port, that port will first try to check if the connected device is 802.1X compliant, and if no reaction is received from the connected device, it will try to authenticate with the AAA server using the connected device’s MAC address as username and password.
0
0