Dynamic ARP Inspection validates ARP packets against entries in which database?

Study for the EC-Council Certified Ethical Hacker (CEH) v13 Exam. Utilize flashcards and multiple-choice questions with helpful hints and detailed explanations. Excel in your exam preparation!

Multiple Choice

Dynamic ARP Inspection validates ARP packets against entries in which database?

Explanation:
Dynamic ARP Inspection (DAI) blocks spoofed ARP by checking each ARP packet against a trusted record of IP-to-MAC bindings learned through DHCP snooping. The DHCP snooping database holds these bindings, which are created when clients obtain addresses from a DHCP server and include the IP address, MAC address, and switch port. DAI uses that authoritative list to verify that ARP requests and responses match a known binding; if there is a mismatch or no binding, the packet is dropped or flagged. This is why the DHCP snooping database is the reference for ARP validation. The DNS database, ARP table, and RADIUS database aren't used for this ARP integrity check: the ARP table is just a local cache, DNS maps names to IPs, and RADIUS handles authentication, not ARP validation.
