What are two features that help to mitigate man-in-the-middle attacks? (Choose two.) 

Answer options:

A. DHCP snooping
B. ARP sniffing on specific ports
C. ARP spoofing
D. dynamic ARP inspection
E. destination MAC ACLs

AD

The primary Cisco IOS Software features on the Cisco Catalyst 6500E (Cisco IOS Software 12.2(33)SXI1) that was used to mitigate the MITM (ARP Poisoning) attack are DHCP Snooping and Dynamic ARP Inspection (referred to as DAI throughout this paper). DAI has a dependency on DHCP Snooping. In order to run DAI, DHCP Snooping must be enabled. Reference: http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/white_paper_c11_603839.html