MODULE 8: Sniffing

Question 1

What describes a sniffing technique in which altered DNS records are used to redirect online traffic to a fraudulent website that resembles its intended destination?

ARP Poisoning
Mac Flooding
DHCP Attacks
DNS Poisoning

Answer 1

DNS Poisoning

Question 2

What describes is a type of sniffing attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table?

MAC Flooding
DHCP Attack
ARP Poisoning
DNS Poisoning

Answer 2

ARP Poisoning

Question 3

At what layer of the OSI model do sniffers operate?

data link layer
network layer
physical layer
application layer

Answer 3

data link layer

Question 4

What term describes copying data from multiple ports to a single port to allow inspection of all traffic through a switch port analyzer (SPAN)?

Port Switching
Port Forwarding
Port Mirroring

Answer 4

Port Mirroring

Question 5

What type of attack is described by flooding the CAM table with fake MAC addresses and IP pairs until it is full?

The switch then acts as a hub and broadcasts traffic to the whole network allowing for easy sniffing.

MAC Flooding
Switch port Stealing
Easy Switching

Answer 5

MAC flooding

Question 6

What protocol uses port UDP 67 (server) and UDP 68 (client)?

LDAP
DHCP
DNS
FTP

Answer 6

DHCP

Question 7

Which protocol is used to dynamically lease IP addresses to hosts?

NTP
DHCP
SMTP
SSH

Answer 7

DHCP

Question 8

SLIDE 23

Answer 8

SLIDE 23