Month End Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

During a red team assessment of an enterprise LAN environment, the tester discovers an access...

ECCouncil 312-50v13 Full Course Access
ECCouncil 312-50v13 View All Questions

During a red team assessment of an enterprise LAN environment, the tester discovers an access switch that connects multiple internal workstations. The switch has no port security measures in place. To silently intercept communication between different hosts without deploying ARP poisoning or modifying the routing table, the tester launches a MAC flooding attack using the macof utility from the dsniff suite. This command sends thousands of Ethernet frames per minute, each with random, spoofed source MAC addresses. Soon after the flooding begins, the tester puts their network interface into promiscuous mode and starts capturing packets. They observe unicast traffic between internal machines appearing in their packet sniffer—traffic that should have been isolated. What internal switch behavior is responsible for this sudden exposure of isolated traffic?

A.

The switch performed ARP spoofing to misroute packets.

B.

The switch entered hub-like behavior due to a full CAM table.

C.

The interface performed DHCP starvation to capture broadcasts.

D.

The switch disabled MAC filtering due to duplicate address conflicts.

312-50v13 PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now 312-50v13 pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
While using your bank’s online servicing you notice the following string in the URL bar:"http://www.
While conducting a covert penetration test on a UNIX-based infrastructure, the tester decides to bypass...
Previous