CompTIA PenTest+ (PT0-002) — Question 224

A penetration tester wants to accomplish ARP poisoning as part of an attack. Which of the following tools will the tester MOST likely utilize?

Answer options

• A. Wireshark
• B. Netcat
• C. Nmap
• D. Ettercap

Correct answer: D

Explanation

Ettercap is specifically designed for network protocol analysis and can easily perform ARP poisoning, making it the most suitable choice for this task. Wireshark is primarily used for capturing and analyzing network traffic, while Netcat and Nmap serve different purposes such as network scanning and creating TCP/UDP connections, respectively.