Network Attacks & Mitigations

Question 1

Man in the Middle

Answer 1

ARP poisoning can enable an attacker to become the man in the middle & intercept traffic

Question 2

DoS

Answer 2

By poisoning ARP tables, an attacker can perform a DoS by creating false traffic routes

Question 3

Spoofing Identity

Answer 3

An attacker can use ARP poisoning to hide in the network

Question 4

How to prevent ARP poisoning

Answer 4

• Identify duplicate MAC address
• Check for Suspicious ARP traffic
• User Static ARP entries
• Configure Port security
• use encrypted protocols

Question 5

Yersenia

Answer 5

Framework for creating network attacks
exploits network protocols vulnerabilities
comes with ready-made attacks against multiple protocols

Question 6

Shutdown (default mode)

Answer 6

The port shuts down automatically and notification is sent

Question 7

Restrict

Answer 7

Drops frames with unfamiliar source MAC addresses and sends a notification

Question 8

Protect

Answer 8

frames with unknown source MAC addresses are dropped with no notification sent

Question 9

Manual

Answer 9

Most secure method

requires manual configuration of each allowed MA per interface

Question 10

Sticky

Answer 10

MACS are learned dynamically and limited to a maximum number per interface
(port security 1 & 3072)

Question 11

VLAN Hopping

Answer 11

The attacker bypasses switch restrictions and intercepts traffic from various VLANs
two common methods, Switch Spoofing & Double Tagging