Which three statements are characteristics of DHCP Spoofing? (Choose three.)
A.
Arp Poisoning
B.
Modify Traffic in transit
C.
Used to perform man-in-the-middle attack
D.
Physically modify the network gateway
E.
Protect the identity of the attacker by masking the DHCP address
F.
Can access most network devices
Explanation:
In DHCP spoofing attacks, the attacker takes over the DHCP server role and can serve IP
addresses and his IP address as default gateway. By doing that he performs a man-in-themiddle attack, and because all the traffic passes through his computer he can modify traffic in
transit and he physically changed the default gateway.
ABC
ABC should be correct
BCD – ARP poisoning is not related to DHCP spoofing.
https://security.stackexchange.com/questions/172687/what-is-the-role-of-arp-poisoning-when-doing-a-dhcp-spoofing-attack
DHCP spoofing relies on ARP poisoning.
Read a little more within your own reference link:
“you can set up a rogue DHCP server, send out bogus ARP packets telling servers that you are the DHCP server, then hand out DHCP reservations that suit your needs.” Which is a Man-in-the-middle attack.
Further Official reference:
(ctrl+F)
ARP (Address Resolution Protocol) Poisoning (MITM) Attack: Scenario 2 and 3 explain how DHCP spoofing uses ARP poisoning to accomplish a MITM attack.
https://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/white_paper_c11_603839.html
Also- how would a protocol PHYSICALLY modify a gateway? Everything these attacks do is to manipulate- logical or configurable changes.
Neither of these attacks can physically shut down a router or a switch- thats not their design.