SWITCH 2.0 : DHCP Snooping, IPSG, and DAI


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

Discover how to mitigate DHCP spoofing and flooding attacks and use DHCP snooping to exclude ports from sending DHCP offers. Explore IPSG (IP spoofing) and DAI (ARP spoofing) and how they are configured in conjunction with DHCP. This course will help you prepare for the 300-115: Implementing Cisco IP Switched Networks 2.0 certification exam.



Expected Duration (hours)
1.0

Lesson Objectives

SWITCH 2.0 : DHCP Snooping, IPSG, and DAI

  • identify the syntax used to enable DHCP snooping
  • recognize how Cisco switches prevent DHCP spoofing
  • recognize the syntax used to flag a port as trusted in a given scenario
  • specify the purpose of DHCP snooping
  • specify the syntax used to prevent DHCP flooding attacks
  • identify the result of a switch configuration in a given scenario
  • identify the security feature that needs to be enabled in order to use the IP Source Guard feature
  • identify the syntax used to verify IP Source Guard configuration
  • recognize how to configure IP Source Guard to filter access based on IP address
  • specify the syntax used to enable dynamic ARP inspection on uplink ports in a given scenario

    • Course Number:
    it_ccnpstv_14_04_enus

    Expertise Level
    Expert