Learn what type of attack floods a switch’s CAM (MAC address) table with fake MAC addresses for the CCNA 200-301 exam. Understand how MAC Address Flooding compromises network security by forcing switches to broadcast traffic.
Table of Contents
Question
What type of attack involves an attacker flooding a switch’s CAM table with fake MAC addresses?
A. Man-in-the-middle
B. Denial-of-Service
C. MAC Address Flooding
D. MAC Address Spoofing
E. ARP Poisoning
Answer
C. MAC Address Flooding
Explanation
In a MAC Address Flooding attack, the switch’s Content Addressable Memory (CAM) table is overwhelmed, forcing it to flood traffic to all ports.
A MAC Address Flooding attack targets a switch’s CAM (Content Addressable Memory) table by sending a large volume of frames with fake or random source MAC addresses. The goal is to fill the CAM table to capacity, causing the switch to enter a fail-open mode where it can no longer associate MAC addresses with specific ports. As a result, the switch begins broadcasting all incoming traffic to every port, similar to a hub, instead of forwarding it only to the intended recipient. This exposes all network traffic to every connected device, allowing an attacker to capture sensitive data and potentially conduct further attacks, such as man-in-the-middle or ARP spoofing.
This attack is also known as a CAM table overflow attack and is a significant security risk in switched networks. Port security features on switches can mitigate this threat by limiting the number of MAC addresses learned per port.
Cisco Certified Network Associate CCNA 200-301 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Cisco Certified Network Associate CCNA 200-301 exam and earn Cisco Certified Network Associate CCNA 200-301 certification.