Use B for this item. VLAN hopping is mitigated by manually configuring trunk ports and disabling Dynamic Trunking Protocol where trunks are not needed. This prevents an attacker from negotiating an unauthorized trunk from an access port. In Cisco CCNA 200-301 v1.1, Network Access questions frequently test the practical boundary between similar features: what the feature does, where it is configured, and what problem it is meant to solve. DAI protects ARP, activating unused default-VLAN ports is unsafe, and extended VLANs do not stop hopping attacks. A clean way to validate the answer is to map the wording of the scenario to the actual device function. If the feature supplies addressing, forwarding, authentication, trunking, route selection, or controller communication, the answer must match that function exactly rather than a nearby protocol name.