Dynamic ARP Inspection (DAI) inspects ARP traffic to prevent ARP spoofing.

Study for the CompTIA SecurityX Test. Equip yourself with comprehensive flashcards and multiple choice questions that include hints and explanations. Gear up for your certification exam!

Multiple Choice

Dynamic ARP Inspection (DAI) inspects ARP traffic to prevent ARP spoofing.

Explanation:
Dynamic ARP Inspection operates at the data link layer on switches. It inspects ARP traffic and validates ARP replies against a binding table that maps IP addresses to MAC addresses, with the table populated by DHCP snooping or static entries. When an ARP reply arrives, DAI checks that the sender’s MAC matches the expected binding for that IP; if it doesn’t, the packet is dropped, preventing ARP spoofing and the creation of poisoned ARP caches. Other options don’t fit because DNS validation happens at the application layer and concerns name resolution, not ARP; filtering at layer 3 would target IP headers, not ARP packets; inspecting TCP options occurs at the transport layer, which is unrelated to ARP traffic.

