312-50V10 · Question #821
Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcasting forged DHCP reques
The correct answer is B. DHCP starvation. Abel performed a DHCP starvation attack by flooding the DHCP server with forged requests to exhaust the entire IP address pool, denying service to legitimate users.
Question
Abel, a security professional, conducts penetration testing in his client organization to check for any security loopholes. He launched an attack on the DHCP servers by broadcasting forged DHCP requests and leased all the DHCP addresses available in the DHCP scope until the server could not issue any more IP addresses. This led to a Dos attack, and as a result, legitimate employees were unable to access the clients network. Which of the following attacks did Abel perform in the above scenario?
Options
- AVLAN hopping
- BDHCP starvation
- CRogue DHCP server attack
- DSTP attack
How the community answered
(54 responses)- A4% (2)
- B87% (47)
- C2% (1)
- D7% (4)
Why each option
Abel performed a DHCP starvation attack by flooding the DHCP server with forged requests to exhaust the entire IP address pool, denying service to legitimate users.
VLAN hopping exploits 802.1Q or ISL tagging to gain unauthorized access to traffic on other VLANs, and has no relation to exhausting DHCP address pools.
DHCP starvation is an attack where an adversary sends a large volume of forged DHCP DISCOVER requests using spoofed MAC addresses, consuming all available leases in the DHCP scope. Once the pool is exhausted, the server cannot assign IP addresses to legitimate clients, causing a denial of service. This precisely matches the scenario where Abel leased all available addresses until no more could be issued.
A rogue DHCP server attack involves deploying an unauthorized DHCP server that hands out malicious configuration data such as a fake default gateway, rather than draining the legitimate server's address pool.
An STP attack manipulates the Spanning Tree Protocol root bridge election to intercept or redirect traffic, and does not involve DHCP requests or IP address exhaustion.
Concept tested: DHCP starvation attack and address pool exhaustion
Source: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SXF/native/configuration/guide/swcg/snoodhcp.html
Topics
Community Discussion
No community discussion yet for this question.