312-50V13 · Question #464
Which type of attack attempts to overflow the content-addressable memory (CAM) table in an Ethernet switch?
The correct answer is C. MAC flooding. A MAC flooding attack aims to overflow an Ethernet switch's Content-Addressable Memory (CAM) table, forcing it to act as a hub.
Question
Options
- AEvil twin attack
- BDNS cache flooding
- CMAC flooding
- DDDoS attack
How the community answered
(62 responses)- A5% (3)
- B2% (1)
- C87% (54)
- D6% (4)
Why each option
A MAC flooding attack aims to overflow an Ethernet switch's Content-Addressable Memory (CAM) table, forcing it to act as a hub.
An evil twin attack involves a rogue wireless access point mimicking a legitimate one to intercept client connections, not targeting a switch's CAM table.
DNS cache flooding (or poisoning) injects fraudulent data into a DNS resolver's cache to redirect traffic, unrelated to switch CAM tables.
A MAC flooding attack sends a multitude of frames with spoofed MAC addresses to a switch, filling its CAM table to capacity. Once full, the switch enters a fail-open mode, broadcasting all traffic to all ports, which allows an attacker to capture network data.
A DDoS attack involves overwhelming a target with traffic from multiple sources, which is a different mechanism and objective than overflowing a switch's internal tables.
Concept tested: MAC flooding attack on switches
Source: https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/107074-mac-flood-00.html
Topics
Community Discussion
No community discussion yet for this question.