210-250 · Question #90
An attacker installs a rogue switch that sends superior BPDUs on your network. What is a possible result of this activity?
The correct answer is B. The switch could become the root bridge.. Sending superior BPDUs with a lower bridge ID or priority causes the rogue switch to win the STP root bridge election, disrupting network topology.
Question
An attacker installs a rogue switch that sends superior BPDUs on your network. What is a possible result of this activity?
Options
- AThe switch could offer fake DHCP addresses.
- BThe switch could become the root bridge.
- CThe switch could be allowed to join the VTP domain
- DThe switch could become a transparent bridge.
How the community answered
(43 responses)- A2% (1)
- B84% (36)
- C5% (2)
- D9% (4)
Why each option
Sending superior BPDUs with a lower bridge ID or priority causes the rogue switch to win the STP root bridge election, disrupting network topology.
Offering fake DHCP addresses is a DHCP starvation or spoofing attack that does not involve BPDUs and is unrelated to STP manipulation.
In Spanning Tree Protocol (STP), the root bridge is elected based on bridge ID, which combines priority and MAC address. A rogue switch broadcasting BPDUs with a lower bridge priority forces all legitimate switches to re-elect it as root bridge, giving the attacker control over traffic forwarding paths across the network.
Joining a VTP domain depends on matching the VTP domain name and password, not on BPDU superiority or STP election outcomes.
A transparent bridge forwards frames without participating in STP elections, which is the opposite of what sending superior BPDUs is designed to accomplish.
Concept tested: STP root bridge election via rogue BPDUs
Source: https://www.cisco.com/c/en/us/support/docs/lan-switching/spanning-tree-protocol/5234-5.html
Topics
Community Discussion
No community discussion yet for this question.