Question:
Which mitigation technique would prevent rogue servers from providing false IP configuration parameters to clients?
- implementing port security
- turning on DHCP snooping
- disabling CDP on edge ports
- implementing port-security on edge ports
Explanation: Like Dynamic ARP Inspection (DAI), IP Source Guard (IPSG) needs to determine the validity of MAC-address-to-IP-address bindings. To do this IPSG uses the bindings database built by DHCP snooping.
Exam with this question: Switching, Routing, and Wireless Essentials ( Version 7.00) - SRWE Final Exam
Exam with this question: CCNA Security Chapter 6 Exam Answers
Please login or Register to submit your answer