Which statement is true about Layer 2 security threats? A. MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use Dynamic ARP Inspection to determine vulnerable attack points. B. DHCP snooping sends unauthorized replies to DHCP queries. C. ARP spoofing can be used to redirect traffic to counter Dynamic ARP Inspection. D. MAC spoofing attacks allow an attacking device to receive frames intended for a different network host. Â Suggested Answer: D First of all, MAC spoofing is not an effective counter-measure against any reconnaissance attack; it IS an attack! Furthermore, reconnaissance attacks don't use dynamic ARP inspection (DAI); DAI is a switch feature used to prevent attacks. Reference: Layer 2 Security Features on Cisco Catalyst Layer 3 Fixed Configuration Switches Configuration Example (http://www.cisco.com/en/US/products/hw/ switches/ps5023/products_configuration_example09186a00807c4101.shtml This question is in 300-115 Implementing Cisco IP Switched Networks (SWITCH) Exam For getting Cisco Certified Network Professional (CCNP) Routing and Switching Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Cisco. Trademarks, certification & product names are used for reference only and belong to Cisco. The website does not contain actual questions and answers from Cisco's Certification Exam.
Please login or Register to submit your answer
