ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-320 All Questions

View all questions & answers for the 300-320 exam
Go to Exam

Exam 300-320 topic 2 question 56 discussion

Actual exam question from Cisco's 300-320
Question #: 56
Topic #: 2
[All 300-320 Questions]

Which two security measures must an engineer follow when implementing Layer 2 and Layer 3 network design? (Choose two.)

  • A. Utilize DHCP snooping on a per VLAN basis and apply ip dhcp snooping untrusted on all ports.
  • B. Utilize the native VLAN only on trunk ports to reduce the risk of a Double-Tagged 802.1q VLAN hopping attack.
  • C. Utilize an access list to prevent the use of ARP to modify entries to the table.
  • D. Utilize private VLANs and ensure that all ports are part of the isolated port group.
  • E. Utilize the ARP inspection feature to help prevent the misuse of gARP.
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
by scar at Feb. 10, 2020, 7:14 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
scar
5 years, 4 months ago
Interesting link about VLAN hoping attacks: https://learningnetwork.cisco.com/blogs/vip-perspectives/2019/07/12/vlan1-and-vlan-hopping-attack Wording however is tricky on answer B
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel