Ethical Hacking Essentials Practice Test

Which method is used to initiate a DHCP starvation attack?

• A. Sending forged ARP replies
• B. Flooding with numerous DHCP requests
• C. Redirecting DNS requests
• D. Submitting forged MAC addresses

The correct answer is: Flooding with numerous DHCP requests

A DHCP starvation attack involves an attacker attempting to exhaust the available IP addresses in a DHCP server's pool, making it impossible for legitimate devices to obtain an IP address. The method to achieve this is by flooding the DHCP server with numerous DHCP requests. Each request typically comes from a spoofed MAC address, leading the server to assign an IP address to each request. As the server's pool of addresses is depleted, legitimate users will not receive an IP address, effectively causing a denial of service. This method relies on overwhelming the DHCP server, creating a scenario where it cannot respond to legitimate requests due to the sheer volume of requests it is processing. The attacker’s objective is not to use a single valid MAC address but to simulate multiple requests from various devices, overwhelming the DHCP server's capacity. The other methods presented do not directly contribute to initiating a DHCP starvation attack. Sending forged ARP replies or redirecting DNS requests pertain to different types of network attacks and do not target the depletion of DHCP resources. Submitting forged MAC addresses, while relevant to the deception aspect of the attack, is not the primary action that constitutes the starvation aspect; rather, it's the repeated flooding of requests that plays the critical role in achieving the attack's objective.