Client workstations are experiencing extremely poor response time. An engineer suspects that an attacker is eavesdropping and making independent connections while relaying messages between victims to make them think they are talking to each other over a private connection. Which feature must be enabled and configured to provide relief from this type of attack?
To address an attack where an attacker intercepts and relays messages between victims, making them believe they are directly communicating with each other (commonly known as a Man-in-the-Middle attack), Dynamic ARP Inspection (DAI) is the appropriate feature. DAI helps prevent ARP spoofing, where an attacker sends false ARP messages onto a network. By validating ARP packets, DAI ensures that only ARP requests and responses from valid sources are processed, thus protecting against the attack described and improving the response time of client workstations.
Given example is perfect fit to use Dynamic ARP Inspection. D is correct answer https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/dynarp.html
As "to make them think they are talking to each other over a private connection" So, they need to communicate each others. So, Private VLAN is incorrect.
D. Dynamic ARP Inspection
The reason I would go for the D, Because in the question "Which feature must be enabled and configured to provide "relief" from this type of attack?" In my understanding this means you have to take an action immediately. So I would go for D
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/dynarp.html
PRIVATE VLAN, isolated pvlan, so the hosts in same subnet can not talk each other.
And why do you think, that they don't want to talk to each other?