CISSP Question of the Day – 6-27-2016

Getting You Prepped for the CISSP Exam ...One Question at a Time!

Today’s CISSP question topic: DHCP

In addition to IP addresses, DHCP servers provide network nodes with additional useful information such as a DNS server address, default gateway, and NetBIOS node type. Which of the following is NOT a legitimate attack that may be executed against your DHCP deployment? (Choose 3)

  1. A rogue DHCP server on your network can offer IP addresses to legitimate users, thereby creating a DoS or MitM situation.
  2. An attacker may gain control of your DHCP server and reconfigure the options assigned to clients.
  3. Using TCP redirects messages, an attacker can send client DHCP packets to a remote DHCP server.
  4. A rogue DHCP server can be used to reconfigure SMTP connection settings for internal email systems.
  5. An attacker can request multiple IP addresses from the legitimate DHCP server, exhausting the available pool of addresses.
  6. An attacker can remotely send negative acknowledgements whenever a client attempts to renew an IP address.



Check Your Answer


  1. Using TCP redirects messages, an attacker can send client DHCP packets to a remote DHCP server.
  2. A rogue DHCP server can be used to reconfigure SMTP connection settings for internal email systems.
  3. An attacker can remotely send negative acknowledgements (NACK) whenever a client attempts to renew an IP address.

Supporting Links:

  1. http://itsecurity.telelink.com/dhcp-attacks/
  2. http://www.securityartwork.es/2013/01/30/defenses-against-dhcp-attacks/


Co-workers, friends or colleagues studying for the CISSP exam, too? Share this question with them! Click an icon below to share to your preferred social media platform!
Posted in:
About the Author

Colin Weaver

Colin Weaver is co-owner and lead instructor at ITdojo, Inc., a network security and information assurance training center and consulting firm located in Virginia Beach, VA. His passion for technology, networks, and security has led him to become enthralled with the idea of IPv6 and its implementation. In this blog he will share with you glimpses of what he has learned and a hint at what you’ll learn in his classes.