nerdexam
Exams210-260Questions#80
Cisco

210-260 · Question #80

210-260 Question #80: Real Exam Question with Answer & Explanation

The correct answer is C: A VLAN hopping attack would be prevented. The key feature of a double tagging attack is exploiting the native VLAN. Since VLAN 1 is the default VLAN for access ports and the default native VLAN on trunks, it’s an easy target. The first countermeasure is to remove access ports from the default VLAN 1 since the attacker’s

Question

If you change the native VLAN on the port to an unused VLAN, what happens if an attacker attempts a double tagging attack?

Options

  • AThe trunk port would go into an error-disable state.
  • BA VLAN hopping attack would be successful
  • CA VLAN hopping attack would be prevented
  • Dthe attacked VLAN will be pruned

Explanation

The key feature of a double tagging attack is exploiting the native VLAN. Since VLAN 1 is the default VLAN for access ports and the default native VLAN on trunks, it’s an easy target. The first countermeasure is to remove access ports from the default VLAN 1 since the attacker’s port must match that of the switch’s native VLAN.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 210-260 Practice