Which type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN?

  • DTP spoofing
  • DHCP spoofing
  • VLAN double-tagging
  • DHCP starvation
    Answers Explanation & Hints:

    Spoofing DTP messages forces a switch into trunking mode as part of a VLAN-hopping attack, but VLAN double tagging works even if trunk ports are disabled. Changing the native VLAN from the default to an unused VLAN reduces the possibility of this type of attack. DHCP spoofing and DHCP starvation exploit vulnerabilities in the DHCP message exchange.​

For more question and answers:

Click Here CCNA 2 SRWE v7 – Modules 10 – 13 – L2 Security and WLANs Exam Answers Full 100%