Correct Answer:

Altered answers:
DHCP Snooping: When DHCP servers are allocating IP addresses to the clients
on the LAN, DHCP snooping can be confgured on LAN switches to prevent
malicious or mal ormed DHCP tra c, or rogue DHCP servers. In addition,
in ormation on hosts which have success ully completed a DHCP transaction is
accrued in a database o "bindings" which may then be used by other security or
accounting eatures.

Dynamic ARP Inspection: A security eature that verifes ARP requests and
responses in a network. ARP allows hosts within a L2 broadcast domain to
communicate. It does this by mapping an IP address to the individual host’s MAC
address.

Port Security: A L2 tra c control eature on a Cisco Catalyst switch. It enables

an administrator confgure individual switch ports to allow only a specifed number
o source MAC addresses ingressing the port.

IP Source Guard: A security eature that restricts IP tra c on untrusted L2 ports

by fltering tra c based on the DHCP snooping binding database or manually
confgured IP source bindings. This eature helps prevent IP spoofng attacks when
a host tries to spoo and use the IP address o another host.

DND 4