HPE Aruba Certified Professional (ACP) – SD-WAN — Question 125

How would you explain to a new HPE Aruba Networking CX customer how the switch can protect against use cases of malicious DHCP servers and ARP poisoning in the network where client-to-server communication is required?

Answer options

• A. The control-plane policy can configured with the allowed DHCP servers.
• B. The system configuration database protects the information of authenticated clients.
• C. DHCP-snooping-table and ARP protection will together maintain valid information.
• D. Private VLANs can be used to isolate the server resources to protect false DHCP servers.

Correct answer: C

Explanation

The correct answer, C, is accurate because DHCP snooping and ARP protection work together to ensure that only legitimate DHCP responses and ARP requests are processed, thus maintaining valid network information. Option A is incorrect as it only describes a control-plane policy without addressing the broader protection against DHCP and ARP threats. Option B focuses on client authentication rather than protection against malicious server use. Option D refers to isolating server resources, which does not directly prevent DHCP or ARP attacks.