CompTIA Network+ (N10-008) — Question 19

Which of the following would be BEST to use to detect a MAC spoofing attack?

Answer options

• A. Internet Control Message Protocol
• B. Reverse Address Resolution Protocol
• C. Dynamic Host Configuration Protocol
• D. Internet Message Access Protocol

Correct answer: B

Explanation

The Reverse Address Resolution Protocol (RARP) is designed to map IP addresses to MAC addresses, making it useful for detecting discrepancies in MAC addresses that could indicate spoofing. The other protocols listed, such as ICMP, DHCP, and IMAP, do not have the specific functionality needed to identify MAC address changes effectively.