A security administrator checks a network switch's table. Which of the following attacks is happening to this switch?

The scenario describes a network switch's table being checked, which is typically the MAC address table that keeps track of the MAC addresses of devices connected to the switch and their corresponding ports. If a security administrator notices an unusually high number of entries or unexpected information in this table, it is indicative of a MAC flooding attack.

In a MAC flooding attack, the attacker overwhelms the switch by sending a flood of frames with different source MAC addresses. This causes the switch to exceed its capacity to store MAC addresses in its table, forcing it to enter a fail-open mode where all incoming frames are broadcasted to all ports. This can lead to interception of network traffic and unauthorized access to sensitive data.

Understanding this context clarifies why recognizing unexpected entries in the MAC address table signals a potential MAC flooding attack, indicating a significant disruption in normal network operations and security risks to the devices connected to the switch.