If you change the native VLAN on the trunk port to an unused VLAN, what happens if an attacker attempts a
double-tagging attack?
A.
The trunk port would go into an error-disabled state.
B.
A VLAN hopping attack would be successful.
C.
A VLAN hopping attack would be prevented.
D.
The attacked VLAN will be pruned.
Explanation:
BD
VLAN hopping is a computer security exploit, a method of attacking networked resources on a virtual LAN
(VLAN). The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access
to traffic on other VLANs that would normally not be accessible. There are two primary methods of VLAN
hopping: switch spoofing and double tagging.
Double Tagging can only be exploited when switches use “Native VLANs”. Double Tagging can be mitigated by
either one of the following actions:
+ Simply do not put any hosts on VLAN 1 (The default VLAN)
+ Change the native VLAN on all trunk ports to an unused VLAN ID
Source: https://en.wikipedia.org/wiki/VLAN_hopping