🛡️ Free practice test question from: Attack Vector (Security+)

ARP spoofing (or poisoning) works by sending forged ARP (Address Resolution Protocol) messages over a local area network. These messages associate the attacker's MAC address with the IP address of another host, such as the default gateway. This causes traffic intended for that host to be mistakenly sent to the attacker instead. The attacker can then forward the traffic to its intended destination (acting as a "man-in-the-middle"), intercept it, or modify it before forwarding.

*****

A) While a flood of ARP requests could potentially cause a denial of service, this isn't the primary aim of ARP spoofing. This is more characteristic of an ARP flood attack, which is a separate type of attack.

C) ARP scanning is used for host discovery, but ARP spoofing is about manipulating ARP tables to redirect traffic.

D) While ARP spoofing does corrupt ARP cache tables, the goal isn't to force DNS resolution. The goal is to redirect traffic through the attacker.