Digital Forensic Certification Practice Exam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Digital Forensic Certification Exam with our comprehensive quiz featuring flashcards and multiple choice questions, all accompanied by insightful hints and explanations. Elevate your readiness for success!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

What type of attack involves flooding a switch's interface with Ethernet frames from various fake hardware addresses?

  1. ARP spoofing

  2. MAC flooding

  3. Denial of Service

  4. Packet sniffing

The correct answer is: MAC flooding

The correct answer is focused on the technique of overwhelming a switch's interface by sending a large number of Ethernet frames, each with different fake hardware addresses (MAC addresses). This practice is known as MAC flooding. In a switching network, each switch maintains a MAC address table that maps MAC addresses to their corresponding switch ports. When the table becomes full due to excessive fake addresses being sent, the switch can no longer properly process legitimate traffic. Instead of forwarding packets based on the MAC address table, the switch will enter what's called "fail-open mode," broadcasting incoming frames to all ports. This leads to network congestion and can substantially degrade the performance of the switch and the network overall. While the other options may involve network attacks or monitoring, they do not specifically describe the act of flooding a switch with frames that feature numerous fabricated MAC addresses, which is the defining characteristic of MAC flooding.

More Questions Like This