Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 310

Client workstations are experiencing extremely poor response time. An engineer suspects that an attacker is eavesdropping and making independent connections while relaying messages between victims to make them think they are talking to each other over a private connection. Which feature must be enabled and configured to provide relief from this type of attack?

Answer options

• A. Link Aggregation
• B. Reverse ARP
• C. private VLANs
• D. Dynamic ARP Inspection

Correct answer: D

Explanation

Dynamic ARP Inspection (DAI) helps prevent ARP spoofing by ensuring that only valid ARP requests and responses are relayed. This protection is crucial in scenarios where attackers might manipulate ARP messages to eavesdrop on traffic. The other options do not specifically address the issue of ARP spoofing and interception of communications.