Which mitigation technique would prevent rogue servers from providing false IP configuration parameters to clients?
- implementing port security
- turning on DHCP snooping
- disabling CDP on edge ports
- implementing port-security on edge ports
Explanation: Like Dynamic ARP Inspection (DAI), IP Source Guard (IPSG) needs to determine the validity of MAC-address-to-IP-address bindings. To do this IPSG uses the bindings database built by DHCP snooping.
More Questions: Switching, Routing, and Wireless Essentials ( Version 7.00) – SRWE Final Exam
More Questions: CCNA Security Chapter 6 Exam Answers