Last Updated on October 29, 2020 by InfraExam
Which type of VLAN-hopping attack may be prevented by designating an unused VLAN as the native VLAN?
- DTP spoofing
- DHCP spoofing
- VLAN double-tagging
- DHCP starvation
Answers Explanation & Hints:
Spoofing DTP messages forces a switch into trunking mode as part of a VLAN-hopping attack, but VLAN double tagging works even if trunk ports are disabled. Changing the native VLAN from the default to an unused VLAN reduces the possibility of this type of attack. DHCP spoofing and DHCP starvation exploit vulnerabilities in the DHCP message exchange.