Home » Cisco » 350-080 » DHCP snooping on Cisco Nexus 1000V Series Switches acts like a firewall between untrusted hosts and trusted DHCP servers by doing which of these?
DHCP snooping on Cisco Nexus 1000V Series Switches acts like a firewall between untrusted hosts and trusted DHCP servers by doing which of these? (Choose three.)
A. validates DHCP messages received from untrusted sources and filters out invalid response messages from DHCP servers
B. intercepts all ARP requests and responses on untrusted ports
C. builds and maintains the DHCP snooping binding database, which contains information about untrusted hosts with leased IP addresses
D. uses the DHCP snooping binding database to validate subsequent requests from untrusted hosts
E. limits IP traffic on an interface to only those sources that have an IP-MAC address binding table entry or static IP source entry
Correct Answer: ACD
Explanation/Reference:
Explanation:
DHCP snooping acts like a firewall between untrusted hosts and trusted DHCP servers. DHCP snooping performs the following activities:
Validates DHCP messages received from untrusted sources and filters out invalid messages.
Builds and maintains the DHCP snooping binding database, which contains information about untrusted hosts with leased IP addresses.
Uses the DHCP snooping binding database to validate subsequent requests from untrusted hosts.
Reference: http://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/dcnm/security/configuration/guide/b_Cisco_DCNM_Security_Configuration_Guide__Release_5-x/Cisco_DCNM_Security_Configuration_Guide__Release_5-x_chapter13.html#con_1272686
