CompTIA Security+ (SY0-501) — Question 785

Which of the following types of attack is being used when an attacker responds by sending the MAC address of the attacking machine to resolve the MAC to IP address of a valid server?

Answer options

• A. Session hijacking
• B. IP spoofing
• C. Evil twin
• D. ARP poisoning

Correct answer: D

Explanation

ARP poisoning is the correct answer because it involves an attacker sending malicious ARP messages to associate their MAC address with the IP address of a legitimate server. Session hijacking involves taking over a user session, IP spoofing refers to sending packets from a false IP address, and an evil twin is a rogue Wi-Fi access point that mimics a legitimate one.