Last Updated on April 30, 2021 by Admin
How can DHCP spoofing attacks be mitigated?
- by disabling DTP negotiations on nontrunking ports
- by implementing DHCP snooping on trusted ports
- by implementing port security
- by the application of the ip verify source command to untrusted ports
Answers Explanation & Hints:
One of the procedures to prevent a VLAN hopping attack is to disable DTP (auto trunking) negotiations on nontrunking ports. DHCP spoofing attacks can be mitigated by using DHCP snooping on trusted ports. The ip verify source interface configuration command is used to enable IP Source Guard on untrusted ports to protect against MAC and IP address spoofing.