Home > IP Source Guard Questions

IP Source Guard Questions

November 16th, 2018 in SWITCH 300-115 Go to comments

Question 1

Explanation

IP Source Guard provides source IP address filtering on a Layer 2 port to prevent a malicious host from impersonating a legitimate host by assuming the legitimate host’s IP address. The feature uses dynamic DHCP snooping and static IP source binding to match IP addresses to hosts on untrusted Layer 2 access ports.

Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/ipsrcgrd.html

Question 2

Question 3

Question 4

Question 5

Question 6

Comments
  1. James
    August 11th, 2019

    Q2 – Clearly the correct answer is “BPDU Guard” which will errdisable a portfast port if you connect a switch to it. IP Source guard only prevents spoofing.

  1. No trackbacks yet.