Free CompTIA Network+ N10-008 Practice Question

VLAN hopping is a network attack where an attacker configures a system in one VLAN to appear as if it belongs to another VLAN, typically by taking advantage of switch misconfigurations, such as an enabled native VLAN that coincides with an access VLAN. To perform VLAN hopping, an attacker might use double tagging or switch spoofing. Double tagging involves manipulating the VLAN tags on Ethernet frames to fool switches into forwarding packets not normally accessible to an attacker. Switch spoofing is when an attacker configures a device to mimic a switch, thus allowing the attacker to negotiate trunking. However, without direct control over switch configuration or tag manipulation, ARP spoofing and DNS poisoning would not facilitate VLAN hopping, as they are different types of attacks affecting the layer 2 and layer 3 protocols respectively and do not inherently allow packets to traverse between VLANs with the VLAN hopping technique.