CompTIA PenTest+ (PT0-003) — Question 106

A penetration tester is performing a network security assessment. The tester wants to intercept communication between two users and then view and potentially modify transmitted data. Which of the following types of on-path attacks would be best to allow the penetration tester to achieve this result?

Answer options

• A. DNS spoofing
• B. ARP poisoning
• C. VLAN hopping
• D. SYN flooding

Correct answer: B

Explanation

ARP poisoning is the correct choice because it allows an attacker to intercept and manipulate communication between devices on a local network by sending falsified ARP messages. DNS spoofing can redirect traffic but does not enable direct modification of the data being transmitted. VLAN hopping is related to bypassing VLAN security but does not specifically target data interception or alteration. SYN flooding is a denial-of-service attack that disrupts the connection establishment process rather than facilitating data interception.