Home › B.Tech Cyber Security › cybersecurity › Network Security › ARP SPOOFING (or ARP poisoning) lets an attacker…
ARP SPOOFING (or ARP poisoning) lets an attacker on a LAN
Aspeed up DNS resolution times
Bclaim another host's IP to redirect
Cdecrypt all in-flight messages
Dincrease available network bandwidth
Answer & Solution
Correct answer: B. claim another host's IP to redirect
1. ARP (Address Resolution Protocol) maps IP addresses to MAC addresses on a local network. It has NO authentication.
2. ARP SPOOFING: attacker sends forged ARP replies claiming to be the gateway (or another host).
3. Other hosts update their ARP tables; traffic destined for the gateway now flows to the attacker — enabling MITM.
4. MITIGATIONS:
• DYNAMIC ARP INSPECTION on managed switches (compares ARP packets against DHCP snooping table).
• Static ARP entries for critical hosts (rare in modern networks).
• PORT SECURITY on switches limits MAC addresses per port.
5. Tools: Ettercap, arpspoof — used by pen-testers to demonstrate the attack.
_Source: NIST SP 800-12 + RFC 826 (ARP) — vulnerability is well-known in the protocol design._
Related questions
A SIEM (Security Information and Event Management) system primarilyA WEB APPLICATION FIREWALL (WAF) sits at which layer of the network?WPA3 isA ZERO-TRUST network architecture is based on the principleDDoS (Distributed Denial of Service) differs from DoS in thatDNSSEC adds which security property to DNS?A MAN-IN-THE-MIDDLE (MITM) attack happens whenA SYN FLOOD attack works by