多选题Which three statements about the DHCP snooping feature on Cisco Nexus switches are true？（）ADHCP snooping commands are not available until the feature is enabled with the feature dhcp- snooping command.BWhen you enable the DHCP snooping feature， the sw

题目

多选题

Which three statements about the DHCP snooping feature on Cisco Nexus switches are true？（）

DHCP snooping commands are not available until the feature is enabled with the feature dhcp- snooping command.

When you enable the DHCP snooping feature， the switch begins building and maintaining the DHCP snooping binding database.

The switch will not validate DHCP messages received or use the DHCP snooping binding database to validate subsequent requests from untrusted hosts until DHCP snooping is enabled globally and for each specific VLAN.

Globally disabling DHCP snooping removes all DHCP snooping configuration on the switch.

Globally disabling DHCP snooping does not remove any DHCP snooping configuration or the configuration of other features that are dependent upon the DHCP snooping feature.

参考答案和解析

正确答案： D,C

解析：暂无解析

如果没有搜索结果或未解决您的问题，请直接联系老师获取答案。

相似问题和答案

第1题：

Which three statements are true about the Internet Group Management Protocol (IGMP)? ()

A. There are three IGMP modes: dense mode, sparse mode, and sparse - dense mode

B. IGMP is used to register individual hosts with a multicast group

C. IGMP version 3 enables a multicast receiving host to specify to the router which sources it should forward traffic from

D. IGMP messages a re IP datagrams with a protocol value of 2, destination address of 224.0.0.2, and a TTL value of 1

E. IGMP is a multicast routing protocol that makes packet - forwarding decisions independent of other routing protocols such as EIGRP

F. IGMP snooping ru ns on Layer 3 routers

参考答案：B, C, D

第2题：

The Company is concerned about Layer 2 security threats. Which statement is true about these threats？（）

A、 MAC spoofing attacks allow an attacking device to receive frames intended for a different network host.
B、 Port scanners are the most effective defense against dynamic ARP inspection.
C、 MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable attack points.
D、 Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP snooping attacks.
E、 DHCP snooping sends unauthorized replies to DHCP queries.
F、 ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.
G、 None of the other alternatives apply.

正确答案:A

第3题：

Which three statements are correct about Rate Limiters? ()(Choose three.)

A. one-rate rate limiters

B. two-rate rate limiters

C. two-rate rate limiters is the default

D. one-rate rate limiters is the default

E. there is no default it must be configured

参考答案：A, B, C

第4题：

he Cisco Nexus 1000V Series Switches are virtual machine access switches that are an intelligent software switch implementation for VMware vSphere environments running the Cisco NX-OS Software operating system. Together with the VMware ESX hypervisor， the Nexus 1000V supports Cisco VN-Link server virtualization technology， which provides mobile virtual machine security and network policy for VMware View components， including the DHCP snooping feature. DHCP snooping is disabled on the Nexus 1000V by default. When the DHCP snooping feature is enabled on the Nexus 1000V， what are the default trust settings for the vEthernet and uplink ports？（）

A、 All vEthernet ports are trusted， and all Ethernet ports such as uplinks and port channels are trusted.
B、 All vEthernet ports are not trusted， and all Ethernet ports such as uplinks and port channels are not trusted.
C、 All vEthernet ports are trusted and all Ethernet ports such as uplinks and port channels are not trusted.
D、 All vEthernet ports are not trusted and all Ethernet ports such as uplinks and port channels are trusted.

正确答案:D

第5题：

Which three statements are true about the voice VLAN feature on a Catalyst 2950 switch？（Choose three.）（）

A、 The CoS value is trusted for 802.1p or 802.1q tagged traffic.
B、 The voice VLAN feature is disabled by default.
C、 The IP phone accepts the priority of all tagged and untagged traffic and sets the CoS value to 4.
D、 When the voice VLAN feature is enabled， all untagged traffic is sent according to the default CoS priority of the port.
E、 PortFast is automatically disabled when a voice VLAN is configured.
F、 The default CoS value for incoming traffic is set to 0.

正确答案:B,D,F

第6题：

Which is the result of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled？（）

A、DHCP requests will be switched in the software， which may result in lengthy response times.
B、The switch will run out of ACL hardware resources.
C、All DHCP requests will pass through the switch untested.
D、The DHCP server reply will be dropped and the client will not be able to obtain an IP address.

正确答案:D

第7题：

Which three statements are true about terms in a policy?（）

A、The order of the terms in a policy is irrelevant
B、The action is specified in a then statement
C、Ters are optional in a policy
D、The match condition can be identified with a from statement
E、Every policy must contain at least one term

正确答案:B,D,E

第8题：

Which two statements are true about Internet Group Management Protocol (IGMP) snooping?()

A. IGMP snooping and Cisco Group Membership Protocol (CGMP) can be used simultaneously on a switch.

B. IGMP snooping a nd Cisco Group Membership Protocol (CGMP) were developed to help Layer 3 switches make intelligent forwarding decisions on their own.

C. IGMP snooping examines IGMP join/leave messages so that multicast traffic is forwarded only to hosts that sent an IG MP message toward the router.

D. IGMP snooping is an IP multicast constraining mechanism for Layer 2 switches.

E. IGMP snooping is enabled with the ip multicast - routing global configuration command.

参考答案：C, D

第9题：

Which statement best describes what is depicted in the show command output？（）

A、 IGMP snooping is not active for VLAN 120 because the IGMP feature has not been enabled on the switch with the feature igmp command.
B、 The IGMP snooping querier for VLAN 120 is not in a running state because the Loopback interface configured with 1.1.1.1/32 is currently in a down state.
C、 IGMP snooping has been disabled on the VLAN 120 SVI.
D、 IGMP snooping has been disabled for VLAN 120 in VLAN configuration mode.
E、 IGMP snooping is not active for VLAN 120 because VLAN 120 does not exist in the VLAN database.

正确答案:D

第10题：

Which two statements are true about Internet Group Management Protocol (IGMP) snooping?（）

A、IGMP snooping and Cisco Group Membership Protocol (CGMP) can be used simultaneously on a switch.
B、IGMP snooping a nd Cisco Group Membership Protocol (CGMP) were developed to help Layer 3 switches make intelligent forwarding decisions on their own.
C、IGMP snooping examines IGMP join/leave messages so that multicast traffic is forwarded only to hosts that sent an IG MP message toward the router.
D、IGMP snooping is an IP multicast constraining mechanism for Layer 2 switches.
E、IGMP snooping is enabled with the ip multicast - routing global configuration command.

正确答案:C,D

Which three statements about the DHCP snooping feature on Ci

题目

参考答案和解析

相似问题和答案

更多相关问题

相关内容