312-50V10 · Question #933
Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process. Robin plugged in a rogue switch to an unused port in the LAN with a priority lower than
The correct answer is D. STP attack. NOTE - the provided correct answer (C) appears to be an error in the answer key; the scenario describes an STP attack (D). Connecting a rogue switch configured with a lower bridge priority value to seize the root bridge role is a classic STP manipulation attack.
Question
Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process. Robin plugged in a rogue switch to an unused port in the LAN with a priority lower than any other switch inthe network so that he could make it a root bridge that will later allow him to sniff all the traffic in thenetwork. What is the attack performed by Robin in the above scenario?
Options
- AARP spoofing attack
- BVLAN hopping attack
- CDNS poisoning attack
- DSTP attack
How the community answered
(37 responses)- A3% (1)
- B11% (4)
- C3% (1)
- D84% (31)
Why each option
NOTE - the provided correct answer (C) appears to be an error in the answer key; the scenario describes an STP attack (D). Connecting a rogue switch configured with a lower bridge priority value to seize the root bridge role is a classic STP manipulation attack.
ARP spoofing sends forged ARP replies to poison neighbor ARP caches and redirect Layer 2 traffic at the endpoint level; it does not involve manipulating STP bridge priority elections.
VLAN hopping exploits 802.1Q trunking misconfigurations or switch spoofing to send frames across VLAN boundaries, and does not involve root bridge manipulation via STP priority.
DNS poisoning corrupts resolver caches to redirect domain lookups to attacker-controlled IPs; it is a Layer 7 technique entirely unrelated to switch priority values or STP behavior.
In Spanning Tree Protocol, the switch with the lowest numeric bridge priority value wins the root bridge election, and all network traffic flows through it. By connecting a rogue switch configured with a bridge priority lower than any legitimate switch, Robin forces STP to elect his device as root bridge, causing all traffic in the network to traverse his switch and enabling him to passively sniff it.
Concept tested: STP root bridge hijacking via rogue switch priority
Source: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/spantree.html
Topics
Community Discussion
No community discussion yet for this question.