Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Juniper Exam JN0-351 Topic 5 Question 8 Discussion

Actual exam question for Juniper's JN0-351 exam
Question #: 8
Topic #: 5
[All JN0-351 Questions]

You are concerned about spoofed MAC addresses on your LAN.

Which two Layer 2 security features should you enable to minimize this concern? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: A, C

Ais correct because dynamic ARP inspection (DAI) is a Layer 2 security feature that prevents ARP spoofing attacks. ARP spoofing is a technique that allows an attacker to send fake ARP messages to associate a spoofed MAC address with a legitimate IP address. This can result in traffic redirection, man-in-the-middle attacks, or denial-of-service attacks.DAI validates ARP packets by checking the source MAC address and IP address against a trusted database, which is usually built by DHCP snooping1.DAI discards any ARP packets that do not match the database or have invalid formats1.

Cis correct because DHCP snooping is a Layer 2 security feature that prevents DHCP spoofing attacks. DHCP spoofing is a technique that allows an attacker to act as a rogue DHCP server and offer fake IP addresses and other network parameters to unsuspecting clients. This can result in traffic redirection, man-in-the-middle attacks, or denial-of-service attacks. DHCP snooping filters DHCP messages by classifying switch ports as trusted or untrusted.Trusted ports are allowed to send and receive any DHCP messages, while untrusted ports are allowed to send only DHCP requests and receive only valid DHCP replies from trusted ports2.DHCP snooping also builds a database of MAC addresses, IP addresses, lease times, and binding types for each client2.


by Ezekiel at Nov 21, 2023, 10:30 AM

Limited Time Offer

25%

Off

Get Premium JN0-351 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!


Save Cancel