CompTIA CASP+ (CAS-003) — Question 244

A security administrator receives reports that several workstations are unable to access resources within one network segment. A packet capture shows the segment is flooded with ICMPv6 traffic from the source fe80::21ae:4571:42ab:1fdd and for the destination ff02::1. Which of the following should the security administrator integrate into the network to help prevent this from occurring?

Answer options

• A. Raise the dead peer detection interval to prevent the additional network chatter
• B. Deploy honeypots on the network segment to identify the sending machine
• C. Ensure routers will use route advertisement guards
• D. Deploy ARP spoofing prevention on routers and switches

Correct answer: D

Explanation

The correct answer is D because ARP spoofing prevention helps to mitigate the risks associated with malicious entities flooding the network with deceptive traffic. The other options do not directly address the issue of excessive ICMPv6 traffic or its source; for instance, raising the dead peer detection interval (A) would not prevent traffic flooding, while honeypots (B) and route advertisement guards (C) do not specifically target ARP-related problems.