Certified Ethical Hacker (CEH v10) — Question 85

An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?

Answer options

• A. He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.
• B. He will activate OSPF on the spoofed root bridge.
• C. He will repeat this action so that it escalates to a DoS attack.
• D. He will repeat the same attack against all L2 switches of the network.

Correct answer: A

Explanation

The correct answer is A because after manipulating the Spanning Tree Protocol (STP), the attacker can create a SPAN entry to capture and redirect network traffic to their own device. Options B and D do not directly follow from STP manipulation and would not be the immediate next steps for exploiting the network, while C suggests a different type of attack that does not directly relate to the STP manipulation success.