Which three statements describe DHCP spoofing attacks? (Choose three.)
A . They can modify traffic in transit.
B . They are used to perform man-in-the-middle attacks.
C . They use ARP poisoning.
D . They can access most network devices.
E . They protect the identity of the attacker by masking the DHCP address.
F . They are can physically modify the network gateway.
Answer: A,B,C
Explanation:
DHCP spoofing occurs when an attacker attempts to respond to DHCP requests and trying to list themselves (spoofs) as the default gateway or DNS server, hence, initiating a man in the middle attack. With that, it is possible that they can intercept traffic from users before forwarding to the real gateway or perform DoS by flooding the real DHCP server with request to choke ip address resources.
Source: https://learningnetwork.cisco.com/thread/67229 https://learningnetwork.cisco.com/docs/DOC-24355
Also when i took the exam, it asked me for only 2 options. AB is correct
Leave a Reply