Which statement is true about Layer 2 security threats?
A.
MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use Dynamic ARP Inspection to determine vulnerable attack points.
B.
DHCP snooping sends unauthorized replies to DHCP queries.
C.
ARP spoofing can be used to redirect traffic to counter Dynamic ARP Inspection.
D.
MAC spoofing attacks allow an attacking device to receive frames intended for a different network host.
Suggested Answer:D🗳️
First of all, MAC spoofing is not an effective counter-measure against any reconnaissance attack; it IS an attack! Furthermore, reconnaissance attacks don't use dynamic ARP inspection (DAI); DAI is a switch feature used to prevent attacks. Reference: Layer 2 Security Features on Cisco Catalyst Layer 3 Fixed Configuration Switches Configuration Example (http://www.cisco.com/en/US/products/hw/ switches/ps5023/products_configuration_example09186a00807c4101.shtml
C is the correct answer.
MAC Spoofing has to be done in the same LAN
upvoted 1 times
...
This section is not available anymore. Please use the main Exam Page.300-115 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
CiscoNinja
5 years, 3 months ago