What happens if an attacker successfully manipulates STP?

• A. They can redirect network traffic to their own device
• B. They increase network latency only
• C. They bypass firewall rules
• D. They reroute DNS queries only

Answer: (B)

Manipulating Spanning Tree Protocol (STP) changes how switches elect the root and which ports are active for forwarding. When an attacker can influence BPDU frames, the network topology can shift to a different path, and switches must reconverge to a new stable tree. That reconvergence takes time and causes frames to traverse different, often longer, routes before the network settles. The result is an observable increase in latency and jitter while the topology reconfigures.

Other outcomes like intercepting traffic, bypassing firewalls, or hijacking DNS rely on additional exploits beyond STP manipulation. STP manipulation mainly disrupts the forwarding topology, and the primary immediate effect is the performance hit from reconvergence, i.e., higher latency. To defend against this, networks can use protections such as BPDU guard, root guard, loop guard, and proper monitoring to detect and limit STP tampering.