What are two features that help to mitigate man-in-the-middle attacks? (Choose two.)

What are two features that help to mitigate man-in-the-middle attacks? (Choose two.)
A . DHCP snooping
B . ARP sniffing on specific ports
C . ARP spoofing
D . dynamic ARP inspection
E . destination MAC ACLs

View Answer

Answer: AD

Explanation:

The primary Cisco IOS Software features on the Cisco Catalyst 6500E (Cisco IOS Software 12.2(33)SXI1) that was used to mitigate the MITM (ARP Poisoning) attack are DHCP Snooping and Dynamic ARP Inspection (referred to as DAI throughout this paper). DAI has a dependency on DHCP Snooping. In order to run DAI, DHCP Snooping must be enabled.

Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/ white_paper_c11_603839.html