Certified Ethical Hacker (CEH v11) — Question 6

An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?

Answer options

• A. He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.
• B. He will activate OSPF on the spoofed root bridge.
• C. He will repeat this action so that it escalates to a DoS attack.
• D. He will repeat the same attack against all L2 switches of the network.

Correct answer: A

Explanation

The correct answer is A because the attacker seeks to redirect traffic to their computer by creating a SPAN entry on the compromised root bridge. Options B and C are incorrect because they do not directly relate to the immediate next steps post-STP manipulation, and option D, while plausible, is not the next logical action to take after successfully manipulating STP.