ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 200-301 All Questions

View all questions & answers for the 200-301 exam
Go to Exam

Exam 200-301 topic 1 question 1141 discussion

Actual exam question from Cisco's 200-301
Question #: 1141
Topic #: 1
[All 200-301 Questions]

A network administrator is evaluating network security in the aftermath of an attempted ARP spoofing attack. If Port-channel1 is the uplink interface of the access-layer switch toward the distribution-layer switch, which two configurations must the administrator configure on the access-layer switch to provide adequate protection? (Choose two.)

  • A. ip dhcp snooping vlan 1-4094
    !
    interface Port-channel1
    switchport protected
    switchport port-security maximum 1
  • B. ip dhcp snooping vlan 1-4094
    ip dhcp snooping
    !
    interface Port-channel1
    ip dhcp snooping trust
  • C. ip dhcp snooping
    !
    interface Port-channel1
    switchport port-security maximum 1
    switchport port-security
  • D. ip arp inspection trust
    !
    interface Port-channel1
    switchport port-security maximum 4094
    switchport port-security
    ip verify source mac-check
  • E. ip arp inspection vlan 1-4094
    !
    interface Port-channel1
    ip arp inspection trust
Show Suggested Answer Hide Answer
Suggested Answer: BE 🗳️
by [deleted] at Oct. 5, 2023, 8:08 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
[Removed]
Highly Voted 11 months, 3 weeks ago
Selected Answer: BE
It must be BE because of codes
upvoted 6 times
...
[Removed]
Most Recent 5 months, 3 weeks ago
Selected Answer: BE
B & E are correct
upvoted 1 times
...
lmmujsi
6 months ago
Selected Answer: BE
To provide adequate protection against ARP spoofing attacks, the network administrator should configure the following on the access-layer switch: B. ip dhcp snooping vlan 1-4094 ip dhcp snooping ! interface Port-channel1 ip dhcp snooping trust This configuration enables DHCP snooping for all VLANs and trusts DHCP messages on the uplink interface, which helps prevent attackers from using ARP spoofing to send false DHCP responses. E. ip arp inspection vlan 1-4094 ! interface Port-channel1 ip arp inspection trust This configuration enables ARP inspection for all VLANs and trusts ARP packets on the uplink interface, which helps prevent ARP spoofing by verifying ARP requests and responses against a trusted database1.
upvoted 3 times
...
[Removed]
9 months, 2 weeks ago
Selected Answer: BE
A. Incorrect. The VLANs are specified but DHCP wasn't enabled globally. B. Correct answer. C. Incorrect.The VLANs aren't specified, but this is required for DHCP snooping to work. D. Incorrect. You need to specify the VLANs when enabling ARP inspection. E. Correct answer.
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago