Question

An e-commerce company’s IT team is alerted by their intrusion detection system (IDS) about unusual ARP traffic on the network. Upon investigation, they find that a malicious device is impersonating the gateway by sending unsolicited ARP replies to users. Some users report intermittent connectivity issues, and a network scan reveals duplicate MAC addresses in the ARP cache of multiple devices.

Which IMMEDIATE action should the IT team take to minimize the impact of the attack without disrupting legitimate user activity?

quizzes.technology · Accepted Answer

Enable port security features on the network switches to restrict devices based on their MAC addresses

quizzes.technology · Answer

Reconfigure the network to use static ARP entries for all critical devices, including the gateway

quizzes.technology · Answer

Deploy network segmentation immediately to isolate the affected devices and contain the attack

quizzes.technology · Answer

Enable 802.1X port-based authentication to ensure only trusted devices can communicate on the network

🛡️ Free practice test question from: ARP spoofing (Security+)

Question: 80

Question: 253

Question: 143

💬 Discussion and Feedback

Comments