ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-206 All Questions

View all questions & answers for the 300-206 exam
Go to Exam

Exam 300-206 topic 1 question 176 discussion

Actual exam question from Cisco's 300-206
Question #: 176
Topic #: 1
[All 300-206 Questions]

Which configuration on a switch would be unsuccessful in preventing a DHCP starvation attack?

  • A. DHCP snooping
  • B. Port security
  • C. Rate Limiting
  • D. Source Guard
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Other Catalyst switch features, such as IP source guard, can provide additional defense against attacks such as DHCP starvation and IP spoofing. Similar to
DHCP snooping, IP source guard is enabled on untrusted Layer 2 ports. All IP traffic is initially blocked, except for DHCP packets captured by the DHCP snooping process. Once a client receives a valid IP address from the DHCP server, a PACL is applied to the port. This restricts the client IP traffic to those source IP addresses configured in the binding. Any other IP traffic with a source address other than the addresses in the binding is filtered.
Reference: http://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series-switches/72846-layer2-secftrs-catl3fixed.html#ipsourceguard
by thanhtq00104 at April 3, 2025, 10:52 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Currently there are no comments in this discussion, be the first to comment!
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel