While a school district is performing state testing

While an unskilled attacker may engage in various forms of cyber activity, ARP poisoning typically requires a certain level of knowledge and skill to execute effectively. This choice implies that the attacker lacks the necessary expertise to perform sophisticated network attacks, which contradicts the nature of ARP poisoning as a deliberate and technical exploit.

Shadow IT refers to the use of unauthorized devices or applications within an organization, which could lead to security vulnerabilities. However, it does not directly relate to the specific act of ARP poisoning. This option diverts attention from the malicious activity that is actively compromising network integrity, making it an inappropriate choice for this scenario.

Credential stuffing is a type of attack where stolen usernames and passwords are used to gain unauthorized access to accounts. This method is unrelated to ARP poisoning, which focuses on manipulating network traffic rather than exploiting account credentials. Thus, this choice does not accurately reflect the cause of the network issues described.

DMARC (Domain-based Message Authentication, Reporting & Conformance) failure pertains to email authentication and is not relevant to ARP poisoning or the network disruptions being faced. This option fails to connect with the technical details of the network attack scenario, making it an unsuitable answer.