312-50V13 Question #112: Real Exam Question with Answer & Explanation

Question

A network admin contacts you. He is concerned that ARP spoofing or poisoning might occur on his network. What are some things he can do to prevent it? Select the best answers.

Options

• AUse port security on his switches.
• BUse a tool like ARPwatch to monitor for strange ARP activity.
• CUse a firewall between all LAN segments.
• DIf you have a small network, use static ARP entries.
• EUse only static IP addresses on all PC's.

Explanation

To prevent ARP spoofing or poisoning, a network administrator can implement measures such as securing switch ports, monitoring ARP activity, and configuring static ARP entries.

Common mistakes.

• C. While firewalls provide segmentation and control traffic at Layers 3 and 4, ARP spoofing is a Layer 2 attack that occurs within a local network segment, which a typical firewall does not directly prevent.
• E. Using only static IP addresses does not prevent ARP spoofing; devices still need to resolve IP addresses to MAC addresses via ARP, making them vulnerable to ARP cache poisoning.

Concept tested. ARP spoofing prevention methods

Reference. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg3750/swprtsec.html

No community discussion yet for this question.