nerdexam
EC-Council

312-50V13 · Question #464

Which type of attack attempts to overflow the content-addressable memory (CAM) table in an Ethernet switch?

The correct answer is C. MAC flooding. A MAC flooding attack aims to overflow an Ethernet switch's Content-Addressable Memory (CAM) table, forcing it to act as a hub.

Submitted by daniela_cl· Mar 6, 2026Sniffing

Question

Which type of attack attempts to overflow the content-addressable memory (CAM) table in an Ethernet switch?

Options

  • AEvil twin attack
  • BDNS cache flooding
  • CMAC flooding
  • DDDoS attack

How the community answered

(62 responses)
  • A
    5% (3)
  • B
    2% (1)
  • C
    87% (54)
  • D
    6% (4)

Why each option

A MAC flooding attack aims to overflow an Ethernet switch's Content-Addressable Memory (CAM) table, forcing it to act as a hub.

AEvil twin attack

An evil twin attack involves a rogue wireless access point mimicking a legitimate one to intercept client connections, not targeting a switch's CAM table.

BDNS cache flooding

DNS cache flooding (or poisoning) injects fraudulent data into a DNS resolver's cache to redirect traffic, unrelated to switch CAM tables.

CMAC floodingCorrect

A MAC flooding attack sends a multitude of frames with spoofed MAC addresses to a switch, filling its CAM table to capacity. Once full, the switch enters a fail-open mode, broadcasting all traffic to all ports, which allows an attacker to capture network data.

DDDoS attack

A DDoS attack involves overwhelming a target with traffic from multiple sources, which is a different mechanism and objective than overflowing a switch's internal tables.

Concept tested: MAC flooding attack on switches

Source: https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/107074-mac-flood-00.html

Topics

#MAC flooding#CAM table overflow#switch security#network attacks

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice