Implementing Cisco IP Switched Networks (CCNP SWITCH, legacy) — Question 158

Which statement is true about Layer 2 security threats?

Answer options

• A. MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use Dynamic ARP Inspection to determine vulnerable attack points.
• B. DHCP snooping sends unauthorized replies to DHCP queries.
• C. ARP spoofing can be used to redirect traffic to counter Dynamic ARP Inspection.
• D. MAC spoofing attacks allow an attacking device to receive frames intended for a different network host.

Correct answer: D

Explanation

Option D is correct because MAC spoofing allows an attacker to masquerade as another device on the network, thereby receiving frames intended for that device. Option A is incorrect as it misrepresents the relationship between MAC spoofing and ARP snooping. Option B is false since DHCP snooping actually prevents unauthorized DHCP replies. Option C is misleading; while ARP spoofing can redirect traffic, it does not counteract Dynamic ARP Inspection effectively.