nerdexam
EC-Council

312-50V10 · Question #821

Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcasting forged DHCP reques

The correct answer is B. DHCP starvation. Abel performed a DHCP starvation attack by flooding the DHCP server with forged requests to exhaust the entire IP address pool, denying service to legitimate users.

Denial of Service

Question

Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcasting forged DHCP requests and leased all the DHCP addresses available in the DHCP scope until the server could not issue any more IP addresses. This led to a Dos attack, and as a result, legitimate employees were unable to access the clients network. Which of the following attacks did Abel perform in the above scenario?

Options

  • AVLAN hopping
  • BDHCP starvation
  • CRogue DHCP server attack
  • DSTP attack

How the community answered

(54 responses)
  • A
    4% (2)
  • B
    87% (47)
  • C
    2% (1)
  • D
    7% (4)

Why each option

Abel performed a DHCP starvation attack by flooding the DHCP server with forged requests to exhaust the entire IP address pool, denying service to legitimate users.

AVLAN hopping

VLAN hopping exploits 802.1Q or ISL tagging to gain unauthorized access to traffic on other VLANs, and has no relation to exhausting DHCP address pools.

BDHCP starvationCorrect

DHCP starvation is an attack where an adversary sends a large volume of forged DHCP DISCOVER requests using spoofed MAC addresses, consuming all available leases in the DHCP scope. Once the pool is exhausted, the server cannot assign IP addresses to legitimate clients, causing a denial of service. This precisely matches the scenario where Abel leased all available addresses until no more could be issued.

CRogue DHCP server attack

A rogue DHCP server attack involves deploying an unauthorized DHCP server that hands out malicious configuration data such as a fake default gateway, rather than draining the legitimate server's address pool.

DSTP attack

An STP attack manipulates the Spanning Tree Protocol root bridge election to intercept or redirect traffic, and does not involve DHCP requests or IP address exhaustion.

Concept tested: DHCP starvation attack and address pool exhaustion

Source: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SXF/native/configuration/guide/swcg/snoodhcp.html

Topics

#DHCP starvation#DHCP exhaustion#DoS attack#network flooding

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice