CompTIA Network+ (N10-008) — Question 150

A malicious user is using special software to perform an on-path attack. Which of the following best practices should be configured to mitigate this threat?

Answer options

• A. Dynamic ARP inspection
• B. Role-based access
• C. Control plane policing
• D. MAC filtering

Correct answer: A

Explanation

Dynamic ARP inspection is the best practice for preventing on-path attacks as it helps to validate ARP packets and ensure that only legitimate ARP responses are processed. Role-based access, control plane policing, and MAC filtering do not specifically address the vulnerabilities exploited in on-path attacks, making them less effective in this scenario.