🌐 Networking Intermediate

What are common network attacks?

Why Interviewers Ask This

Candidates at the intermediate level are expected to not only know this concept but explain the trade-offs involved. Interviewers use this question to see if you can reason about design decisions, not just recall facts.

Answer

Common network attacks include:

- DDoS (Distributed Denial of Service): overwhelming a target with traffic from many sources to make it unavailable.
- Man-in-the-Middle (MitM): intercepting and possibly altering communications between two parties (for example, via ARP poisoning or a rogue Wi-Fi AP).
- ARP Spoofing/Poisoning: sending fake ARP replies to associate the attacker's MAC address with a legitimate IP address, redirecting traffic.
- DNS Poisoning (Cache Poisoning): inserting malicious DNS entries to redirect users to fake websites.
- Port Scanning: discovering open ports and services (for example, with nmap).
- Packet Sniffing: capturing network traffic to extract sensitive data (for example, with Wireshark on unsecured networks).
- IP Spoofing: forging source IP addresses to impersonate another host.
- VLAN Hopping: exploiting switch misconfigurations to access traffic in other VLANs.
- Replay Attacks: capturing and retransmitting valid network transmissions.

Mitigations: encryption (TLS, VPN), firewalls, IDS/IPS, network segmentation, DAI (Dynamic ARP Inspection), DNSSEC.

Common Mistake

Candidates often give textbook answers here. Interviewers are more impressed when you relate the concept to a specific problem you solved in a real networking project.