Which of the following attacks would most likely cause duplicate IP addresses in a network?
Correct Answer: A
* Definition of a Rogue DHCP Server:
* A rogue DHCP server is an unauthorized DHCP server on a network, which can assign IP addresses to devices without proper control, leading to IP address conflicts.
* Impact of a Rogue DHCP Server:
* IP Address Conflicts: Multiple devices may receive the same IP address from different DHCP servers, causing network connectivity issues.
* Network Disruption: Devices may be assigned incorrect network configuration settings, disrupting network services and connectivity.
* Comparison with Other Attacks:
* DNS poisoning: Alters DNS records to redirect traffic to malicious sites, but does not cause IP address conflicts.
* Social engineering: Involves manipulating individuals to gain unauthorized access or information, not directly related to IP address conflicts.
* Denial-of-service (DoS): Floods a network or service with excessive traffic to disrupt operations, but does not cause duplicate IP addresses.
* Prevention and Detection:
* Implement network access control measures to prevent unauthorized devices from acting as DHCP servers.
* Use DHCP snooping on switches to allow DHCP responses only from authorized DHCP servers.
References:
* CompTIA Network+ study materials on network security threats and mitigation techniques.