搜题
用户您好, 请在下方输入框内搜索其它题目:
搜题
题目内容 (请给出正确答案)
提问人:网友 发布时间:
【多选题】

DHCP snooping on Cisco Nexus 1000V Series Switches acts like a firewall between untrusted hosts and trusted DHCP servers by doing which of these? ()

A、 validates DHCP messages received from untrusted sources and filters out invalid response messages from DHCP servers

B、 intercepts all ARP requests and responses on untrusted ports

C、 builds and maintains the DHCP snooping binding database, which contains information about untrusted hosts with leased IP addresses

D、 uses the DHCP snooping binding database to validate subsequent requests from untrusted hosts

E、 limits IP traffic on an interface to only those sources that have an IP-MAC address binding table entry or static IP source entry

查看正确答案
更多“DHCP snooping on Cisco Nexus 1000V Series Switches acts like a firewall between untrusted hosts and trusted DHCP servers by doing which of these? ()”相关的问题
第1题
[多选题] Which three statements about the DHCP snooping feature on Cisco Nexus switches are true? ()

A、 DHCPsnooping commands are not available until the feature is enabled with the feature dhcp- snooping command.  B、 When you enable the DHCPsnooping feature, the switch begins building and maintaining the DHCPsnooping binding database.  C、 The switch will not validate DHCP messages received or use the DHCPsnooping binding database to validate subsequent requests from untrusted hosts until DHCPsnooping is enabled globally and for each specific VLAN.  D、 Globally disabling DHCPsnooping removes all DHCPsnooping configuration on the switch.  E、 Globally disabling DHCPsnooping does not remove any DHCPsnooping configuration or the configuration of other features that are dependent upon the DHCPsnooping feature.  

点击查看答案
第2题
[多选题] DHCP Snooping是一种DHCP的安全特性,关于DHCP Snooping的说法,以下正确的是()。

A、DHCP Snooping绑定表分为动态绑定表和静态绑定表  B、DHCP Snooping区分信任端口和非信任端口,对非信任端口,不处理DHCP Reply报文  C、静态绑定表在报文入端口手工输入,也可以手工设置表项老化时间  D、在二层上应用DHCP Snooping时,不配置Option82功能也可以获得绑定表所需的接口信息  

点击查看答案
第3题
[多选题] DHCP Snooping是一种DHCP安全特性,可以用于防御一些攻击,下列哪些是DHCP Snooping能够防御的攻击()。

A、防御改变CHADDR值的饿死攻击  B、防御DHCP仿冒者攻击  C、防御TCP flag攻击  D、防御中间人攻击和IP/MAC Spoofing攻击  

点击查看答案
第4题
[] Which of the following types of attacks does DHCP snooping prevent?(Choose all that apply.)()

A、A.Attacker sends multiple DHCP requests flooding DHCP server  B、B.Attacker connects rogue server initiating DHCP requests  C、C.Attacker connects rogue server replying to DHCP requests  D、D.Attacker sends DHCP jam signal causing DHCP server to crash  E、E.Attacker sends gratuitous ARP replies, thereby jamming the DHCP server  F、F.Attacker sends unsolicited DHCP replies, thereby jamming the DHCP server  

点击查看答案
第5题
[多选题] As the network technician at Company, you need to configure DHCPsnooping on a new switch.   Which three steps are required? ()

A、 Configure the switch to insert and remove DHCP relay information (option-82 field) in forwarded  DHCP request messages.  B、 Configure DHCPsnooping globally.  C、 Configure the switch as a DHCP server.  D、 Configure DHCPsnooping on an interface.  E、 Configure all interfaces as DHCPsnooping trusted interfaces.  F、 Configure DHCPsnooping on a VLAN or range of VLANs.  

点击查看答案
第6题
[单选题] 中间人攻击或IP/MAC Spoofing攻击会导致信息泄露等危害,在内网中比较常见,为了防止中间人攻击或IP/MAC Spoofing攻击,可以采取的方法有()。

A、配置Trusted/Untrusted接口  B、限制交换机接口上允许学习到的最多MAC地址数目  C、使用DHCP Snooping检查DHCP REQUEST报文中CHADDR字段的功能  D、在交换机上配置DHCP Snooping功能  

点击查看答案
第7题
[单选题] 在一个只有二层交换机构成的局域网中,如果在交换机上只启用IGMP Snooping,那么()   

A、 组播不通  B、 组播正常,但IGMP Snooping 无法正确记录成员端口信息  C、 组播正常,IGMP Snooping 也可以正确记录组播成员端口信息  D、 如果同时启用IGMP Spoofing,可以使IGMP Snooping 正常工作  

点击查看答案
第8题
[单选题] Which is the result of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled?()

A、DHCP requests will be switched in the software, which may result in lengthy response times.  B、The switch will run out of ACL hardware resources.  C、All DHCP requests will pass through the switch untested.  D、The DHCP server reply will be dropped and the client will not be able to obtain an IP address.  

点击查看答案
第9题
[单选题] In the event that two devices need access to a common server, but they cannot communicate witheach other, which security feature should be configured to mitigate attacks between thesedevices?()

A、private VLANs  B、port security  C、BPDU guard  D、dynamic ARP inspection  E、DHCPsnooping  

点击查看答案
账号:
答题记录 我的收藏 我的题库
客服
TOP

请使用微信扫码支付

订单号:
遇到问题请联系在线客服