Scenario: Your supervisor understands that a hacker can use a sniffer to monitor and analyze the organization's network traffic and recommends that you use the media access control (MAC) flooding as a countermeasure. However, you disagree. Why? What countermeasure, in your opinion, can be employed to defeat the hacker's sniffing attacks? When responding to classmates, discuss whether you agree with their choices of countermeasures and explain your reasoning.
Sniffing is a type of attack in which the traffic is tapped or intercepted in order to find the information, or in some cases this information can be routed to the target in order to find the information which may be sent to the other end.
In the case of MAC flooding, we flood the switch with MAC addresses, and then sniffing can be done as the CAM table would be overflowed. This could be one of the solutions, but we should also consider that the DNS positioning, as well as the DNS cache, might have changed, due to which our organizations are going to the wrong address and their information is getting sniffed. Or the other way could be going for MAC spoofing, in which the attacker might have got to know the MAC addresses of the devices connected to the switch and set its own MAC address to the same address, and thus the messages would be sent to the spoofer as well.

Thus the above ways could also be taken as a countermeasure in order to go for the problem.
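A defender-side view of the two switch-level techniques named in the answer, MAC flooding and MAC spoofing, as an added example that is not part of the original question or answer: it scans source-MAC observations per switch port and flags a burst of distinct MACs on one port and a MAC that moves between ports. The `(timestamp, port, src_mac)` record format, the port names, the thresholds and the sample data are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque

# Hypothetical thresholds (assumptions; tune for the network being monitored).
WINDOW_SECONDS = 10   # sliding window length
MAX_NEW_MACS = 50     # distinct source MACs tolerated per port per window


def analyze(observations, window=WINDOW_SECONDS, max_macs=MAX_NEW_MACS):
    """Scan time-sorted (timestamp, port, src_mac) tuples and return alerts.

    flood: a port shows more than max_macs distinct source MACs in the window,
           the pattern that fills a switch CAM table.
    move:  a MAC learned on one port appears on another port within the window,
           the pattern MAC spoofing produces.
    """
    recent = defaultdict(deque)   # port -> (ts, mac) entries inside the window
    last_seen = {}                # mac -> (port, ts) of its latest sighting
    flooding_ports = set()        # ports already reported, to alert only once
    alerts = []
    for ts, port, mac in observations:
        mac = mac.lower()
        q = recent[port]
        q.append((ts, mac))
        while q and ts - q[0][0] > window:
            q.popleft()
        distinct = len({m for _, m in q})
        if distinct > max_macs and port not in flooding_ports:
            flooding_ports.add(port)
            alerts.append(("flood", port, distinct))
        prev = last_seen.get(mac)
        if prev and prev[0] != port and ts - prev[1] <= window:
            alerts.append(("move", mac, prev[0], port))
        last_seen[mac] = (port, ts)
    return alerts


def sample_observations():
    """Constructed data: two normal hosts, a burst on Gi0/3, one MAC move."""
    obs = [(0.0, "Gi0/1", "00:11:22:33:44:01"), (0.5, "Gi0/2", "00:11:22:33:44:02")]
    # 200 distinct source MACs on a single port within two seconds.
    obs += [(1.0 + i * 0.01, "Gi0/3", "02:00:00:00:%02x:%02x" % (i // 256, i % 256))
            for i in range(200)]
    # The MAC first learned on Gi0/1 now shows up on Gi0/4.
    obs.append((4.0, "Gi0/4", "00:11:22:33:44:01"))
    return obs


if __name__ == "__main__":
    for alert in analyze(sample_observations()):
        print(alert)
```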