Homework Help: Questions and Answers: Laura is operating from her home network. After she accesses a company website, she calls the IT department claiming that she is being presented with a defaced website with suspicious-looking content. Upon investigation of the website, the IT department sees no issues, and a log review shows that no files have been changed. Which of the following answers might explain the cause?
A) SQL injection
B) ARP poisoning
C) DNS poisoning
D) MAC spoofing
Answer:
First, let’s understand the question: The scenario describes Laura seeing a defaced website with suspicious content, while the IT department doesn’t see any problems and logs show no changes to the website. Let’s analyze each given option:
Given Options: Step by Step Answering
a) SQL Injection
- SQL injection is an attack that involves manipulating a web application’s SQL queries to access or modify the database.
- This would typically affect the data stored on the website or the database behind it, but it would affect all users, not just one person. In this case, the IT department would likely see issues as well.
b) ARP Poisoning
- ARP poisoning (Address Resolution Protocol poisoning) is an attack in which an attacker sends fake ARP messages to link their MAC address to the IP address of another device, allowing them to intercept traffic.
- This attack occurs on the local network, potentially redirecting traffic from one device to the attacker’s device.
- While this is a local attack, it wouldn’t typically cause only a website to appear defaced.
c) DNS Poisoning (DNS Spoofing)
- DNS poisoning is when an attacker corrupts the DNS cache, causing a user to be redirected to a malicious website even when entering the correct URL.
- This could explain why Laura is seeing a defaced or malicious website while the IT department does not, as only her DNS settings might be affected.
- This is the most likely cause, as it would explain why only Laura is affected and why the website appears fine to the IT department.
d) MAC Spoofing
- MAC spoofing involves changing the MAC address of a network device to impersonate another device.
- While this might cause network disruption, it wouldn’t typically cause a defaced website.
Final Answer:
Based on the above analysis, the correct answer is:
C) DNS poisoning.
DNS poisoning could cause Laura’s device to resolve the company website’s domain name to a different IP address, leading her to a malicious site that appears defaced. Meanwhile, the IT department, using the correct DNS information, would still access the legitimate site. This also explains why there are no changes in the server logs, as the actual company website hasn’t been altered.
Learn More: Homework Help