In normal ARP traffic, an attacker on the same network cannot see traffic between two hosts.

Prepare for the Network Security Examination by mastering key concepts in cybersecurity. Utilize interactive questions and detailed explanations to enhance your knowledge. Excel in your exam with our comprehensive preparation resources!

Multiple Choice

In normal ARP traffic, an attacker on the same network cannot see traffic between two hosts.

Explanation:
Traffic between two hosts on a typical switched Ethernet network isn’t exposed to other hosts. Switches forward frames only to the port where the destination MAC resides, so the actual unicast data exchanged between two hosts remains isolated from others on the same LAN. ARP, on the other hand, is used to discover MAC addresses and its requests are broadcast to all devices on the network, so an attacker can see ARP traffic but not the payload of the conversation between two hosts. Only in scenarios like ARP spoofing, promiscuous capture on a compromised device, or a hub-based network would the attacker be able to observe the actual traffic. So the statement is true.

Traffic between two hosts on a typical switched Ethernet network isn’t exposed to other hosts. Switches forward frames only to the port where the destination MAC resides, so the actual unicast data exchanged between two hosts remains isolated from others on the same LAN. ARP, on the other hand, is used to discover MAC addresses and its requests are broadcast to all devices on the network, so an attacker can see ARP traffic but not the payload of the conversation between two hosts. Only in scenarios like ARP spoofing, promiscuous capture on a compromised device, or a hub-based network would the attacker be able to observe the actual traffic. So the statement is true.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy