What is an attack method known as "VLAN hopping"?

Prepare for the SANS Global Industrial Cyber Security Professional Exam. Test your skills with multiple choice questions featuring hints and explanations. Ensure your success with our comprehensive materials.

VLAN hopping is an attack in which weaknesses in network configuration are exploited to send packets to a VLAN that the attacker is not authorized to access. The correct answer is switch spoofing and double tagging, the two methods by which this attack is carried out.

In switch spoofing, an attacker can manipulate a switch port to make it believe it is a trunk port. This allows the attacker to gain access to multiple VLANs and potentially eavesdrop or compromise sensitive data.

On the other hand, double tagging occurs when an attacker adds two VLAN tags to a packet. The first tag corresponds to one VLAN (the attacker’s VLAN), while the second tag is intended for another VLAN that the attacker is attempting to access. When a switch sees the first tag, it forwards the packet to the next switch. The next switch removes the first tag and forwards the packet as if it originated from a legitimate member of the second VLAN.

Both techniques are inexpensive and easily executed if network security measures like proper VLAN configurations and access controls are not in place, making switch spoofing and double tagging vital concepts to understand when discussing VLAN hopping.
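On the detection side, double tagging leaves a visible trace: two stacked 802.1Q headers in one frame. The following is an added example, not part of the original page, that parses captured Ethernet frames and flags stacked or unexpected tags; the policy labels, the `build` helper and the sample frames are constructed for illustration, and it assumes the network does not use Q-in-Q intentionally.

```python
import struct

TPID_8021Q = 0x8100   # standard 802.1Q VLAN tag
TPID_8021AD = 0x88A8  # 802.1ad service tag (outer tag of legitimate Q-in-Q)

def vlan_tags(frame: bytes) -> list[int]:
    """Return the VLAN IDs of all stacked tags in a frame, outermost first."""
    tags, offset = [], 12  # skip destination and source MAC (6 bytes each)
    while len(frame) >= offset + 4:
        tpid, tci = struct.unpack_from("!HH", frame, offset)
        if tpid not in (TPID_8021Q, TPID_8021AD):
            break  # reached the real EtherType, no more tags
        tags.append(tci & 0x0FFF)  # low 12 bits of the TCI hold the VLAN ID
        offset += 4
    return tags

def classify(frame: bytes, port_is_access: bool) -> str:
    """Classify a frame seen on ingress (labels are hypothetical policy names)."""
    tags = vlan_tags(frame)
    if len(tags) >= 2:
        # Two stacked tags: the double-tagging pattern described above.
        return f"ALERT double-tagged outer={tags[0]} inner={tags[1]}"
    if tags and port_is_access and tags[0] != 0:
        # End hosts on access ports should send untagged frames; VLAN ID 0
        # is a priority-only tag (802.1p) and is not treated as suspicious.
        return f"WARN tagged frame on access port vlan={tags[0]}"
    return "ok"

def build(tags, payload=b"\x08\x00" + b"\x00" * 46):
    """Constructed sample frame: broadcast dst, made-up src, given tag stack."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")
    return macs + b"".join(struct.pack("!HH", TPID_8021Q, v) for v in tags) + payload

if __name__ == "__main__":
    samples = [([], True), ([0], True), ([10], True), ([10], False), ([1, 20], True)]
    for tag_stack, is_access in samples:
        kind = "access" if is_access else "trunk"
        print(tag_stack, kind, "->", classify(build(tag_stack), is_access))
```
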

The other options, such as using stronger encryption keys, increased bandwidth allocation, and enhanced user authentication protocols, do not pertain to VLAN hopping and focus instead on
