How can DHCP spoofing attacks be mitigated?

IT Questions BankCategory: CCNA SecurityHow can DHCP spoofing attacks be mitigated?

How can DHCP spoofing attacks be mitigated?

  • by disabling DTP negotiations on nontrunking ports
  • by implementing port security
  • by the application of the ip verify source command to untrusted ports​
  • by implementing DHCP snooping on trusted ports

Explanation: One of the procedures to prevent a VLAN hopping attack is to disable DTP (auto trunking) negotiations on nontrunking ports​. DHCP spoofing attacks can be mitigated by using DHCP snooping on trusted ports. The ip verify source interface configuration command is used to enable IP Source Guard on untrusted ports to protect against MAC and IP address spoofing.

Exam with this question: CCNA Security Practice Final Exam Answers
Exam with this question: Checkpoint Exam: Layer 2 and Endpoint Security Group Exam Answers

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments