Chapter 48 Β· Quiz

On-Path Attacks Quiz

6 multiple-choice questions and a matching section. Submit to reveal answers and explanations.

Question 1 of 6
What is the fundamental security flaw in ARP that makes ARP poisoning possible?
Question 2 of 6
During an ARP poisoning attack targeting traffic between a laptop (192.168.1.9, MAC …38:d5) and a router (192.168.1.1, MAC …BB:FE), what does the attacker send to the laptop?
Question 3 of 6
What is the result of a successful ARP poisoning attack where the attacker has poisoned both the laptop's and the router's ARP caches?
Question 4 of 6
Which of the following correctly describes a key scope limitation of ARP poisoning attacks?
Question 5 of 6
Which switch-level security control directly prevents ARP poisoning by dropping forged ARP replies before they reach target devices?
Question 6 of 6
A bank customer reports unauthorized account transfers. Investigation shows the transactions used valid session tokens from the customer's own IP address, and network packet capture of the customer's traffic shows only clean, legitimate HTTPS connections to the bank's domain. Which attack most likely explains this scenario?
Matching β€” On-Path Attack Concepts
Match each term on the left to its correct description on the right.
1. On-Path Attack
2. ARP Poisoning
3. On-Path Browser Attack
4. Dynamic ARP Inspection
A. Switch-level control that validates ARP packets against a trusted IP-to-MAC binding table; drops replies that conflict with the table, preventing cache corruption
B. Attack that corrupts ARP caches by sending forged, unsolicited ARP replies; requires attacker to be on the same subnet as both victims; mitigated by DAI and network segmentation
C. Attack where the attacker positions themselves between two communicating devices; both victims believe they are communicating directly and are unaware of the attacker's presence
D. Malware-based attack operating inside the victim's own browser; intercepts traffic before encryption and after decryption; bypasses HTTPS; targets banking sessions for credential and session token theft