Which method should a penetration tester use to perform a VLAN hopping attack?

A penetration tester should configure the machine to function as a trunk port in order to execute a VLAN hopping attack effectively. This method involves sending packets that are tagged for multiple VLANs on the trunk port, allowing the attacker to access traffic across those VLANs.

In a standard network setup, switches separate traffic by VLANs to enhance security and organization. However, when a device is configured as a trunk port, it can relay traffic from multiple VLANs. By exploiting this configuration, an attacker can gain unauthorized access to different VLANs, enabling them to capture sensitive data or execute further attacks.

The other options do not directly facilitate VLAN hopping in the same manner. Launching a denial of service attack could disrupt network service but does not help in accessing VLANs. Disabling MAC address learning may cause instability within a network but does not directly leverage VLAN tagging to gain unauthorized access. Installing network intrusion software focuses on detection and prevention rather than actively compromising VLAN configurations. Hence, configuring the machine as a trunk port is the most effective approach to achieve VLAN hopping.