CompTIA Security+ (SY0-501) — Question 550

Which of the following differentiates ARP poisoning from a MAC spoofing attack?

Answer options

• A. ARP poisoning uses unsolicited ARP replies.
• B. ARP poisoning overflows a switch's CAM table.
• C. MAC spoofing uses DHCPOFFER/DHCPACK packets.
• D. MAC spoofing can be performed across multiple routers.

Correct answer: A

Explanation

The correct answer is A because ARP poisoning specifically involves sending unsolicited ARP replies to associate an attacker's MAC address with the IP address of a legitimate device. The other options describe actions or characteristics that do not directly differentiate ARP poisoning from MAC spoofing.