Exam 312-50v13 Topic 1 Question 251 Discussion
Actual exam question for ECCouncil's 312-50v13 exam
Question #: 251
Topic #: 1
Question #: 251
Topic #: 1
Which type of sniffing technique is generally referred as MiTM attack?


Suggested Answer: B Vote an answer
Comprehensive and Detailed Explanation:
ARP Poisoning (Address Resolution Protocol Poisoning) is a classic Man-in-the-Middle (MiTM) attack in a LAN environment. It works by sending fake ARP replies to devices on a network to associate the attacker's MAC address with the IP address of another host (typically the default gateway). As a result:
Network traffic meant for the gateway is sent to the attacker instead.
The attacker can then intercept, modify, or forward the traffic to the actual destination, performing a full MiTM.
This allows the attacker to:
Sniff sensitive data (e.g., credentials, emails)
Hijack sessions
Inject malicious payloads
From CEH v13 Courseware:
Module 8: Sniffing
Topic: MiTM Attacks # ARP Spoofing Techniques
Incorrect Options:
A). Password Sniffing is a result of MiTM but not a technique itself.
C). MAC Flooding is a switch attack that floods the CAM table to make the switch act like a hub.
D). DHCP Sniffing relates to capturing DHCP messages but is not commonly used for MiTM.
Reference:CEH v13 Study Guide - Module 8: ARP Poisoning and MiTM AttacksOWASP Network Threats - ARP Spoofing ChatGPT said:
ARP Poisoning (Address Resolution Protocol Poisoning) is a classic Man-in-the-Middle (MiTM) attack in a LAN environment. It works by sending fake ARP replies to devices on a network to associate the attacker's MAC address with the IP address of another host (typically the default gateway). As a result:
Network traffic meant for the gateway is sent to the attacker instead.
The attacker can then intercept, modify, or forward the traffic to the actual destination, performing a full MiTM.
This allows the attacker to:
Sniff sensitive data (e.g., credentials, emails)
Hijack sessions
Inject malicious payloads
From CEH v13 Courseware:
Module 8: Sniffing
Topic: MiTM Attacks # ARP Spoofing Techniques
Incorrect Options:
A). Password Sniffing is a result of MiTM but not a technique itself.
C). MAC Flooding is a switch attack that floods the CAM table to make the switch act like a hub.
D). DHCP Sniffing relates to capturing DHCP messages but is not commonly used for MiTM.
Reference:CEH v13 Study Guide - Module 8: ARP Poisoning and MiTM AttacksOWASP Network Threats - ARP Spoofing ChatGPT said:
by Morton at Jan 04, 2026, 02:47 PM
Contact Us
If you have any question please leave me your email address, we will reply and send email to you in 12 hours.
Our Working Time: ( GMT 0:00-15:00 ) From Monday to Saturday
Support: Contact now
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).