ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 350-701 All Questions

View all questions & answers for the 350-701 exam
Go to Exam

Exam 350-701 topic 1 question 622 discussion

Actual exam question from Cisco's 350-701
Question #: 622
Topic #: 1
[All 350-701 Questions]

A network administrator has configured DHCP snooping on a Cisco switch to prevent unauthorized DHCP servers from assigning IP addresses. During configuration, a device with MAC address 04:66:96:79:0:AB received an IP address from an unauthorized DHCP server. Which configuration step must the network administrator take to accomplish the requirement?

  • A. Apply DHCP option 82 to identify the trusted DHCP server.
  • B. Configure each device on the network to use authorize DHCP server manually.
  • C. Configure an access control list to only allow DHCP traffic from trusted DHCP server.
  • D. Implement DHCP option 82 to relay DHCP requests to the trusted DHCP server.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Premium_Pils at Sept. 5, 2024, 7:43 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
houhou12322
1 month, 2 weeks ago
It can be that DHCP Option 82 allows the DHCP server to receive additional information about the requesting device, such as its MAC address, VLAN ID, and other relevant attributes. And it make it easy to find the rouge DHCP server if the scenario is looking for the rouge
upvoted 1 times
...
kloug
1 month, 3 weeks ago
Answer c
upvoted 1 times
...
dfb0b7d
2 months, 2 weeks ago
Selected Answer: D
With the DHCP option-82 on untrusted port feature enabled, the switch does not drop DHCP packets that include option-82 information that are received on untrusted ports. https://www.cisco.com/en/US/docs/general/Test/dwerblo/broken_guide/snoodhcp.html#wp1109594
upvoted 1 times
...
luismg
2 months, 4 weeks ago
Selected Answer: D
D is correct an ACL will not do anything on the same VLAN
upvoted 3 times
...
Premium_Pils
3 months, 2 weeks ago
Selected Answer: C
An access list is not the right tool for this purpose, but it is closer to it than option 82. Setting the DHCP server manually is not really practical. The purpose of dynamic IP assignment is to avoid cumbersome manual IP settings on each client.
upvoted 2 times
Premium_Pils
3 months, 2 weeks ago
DHCP snooping is the appropriate tool to prevent rouge servers replying the requests, however, access-lists could be a temporary work around until DHCP snooping implementation is not finished.
upvoted 1 times
...
...
Premium_Pils
3 months, 2 weeks ago
I think this is about a rouge DHCP server sending a DHCP reply to a DHCP client. Could someone explain to me please, how would the option 82 prevent that? I think that option 82 is rather for verifying if the client is legitimate for receiving a reply, and can also be used for assigning an IP based on the client information (provided by the switch).
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago