Time for three brand-new CCNP SWITCH practice exam questions, along with a great video!
These questions are also excellent study material for the CCNA Security certification.
Let's jump right in!
1. You're configuring Dynamic ARP Inspection. First, you need to know when ARP messages are inspected. So... when are they inspected?
A. As they arrive at the switch
B. As they leave the switch
C. As they arrive at and leave the switch, but this can be changed
D. Both as they arrive at and leave the switch, and this is the unchangeable default behavior
2. By default, which of the following actions will be taken when an ARP message is considered invalid?
A. None - by default, ports are trusted in DAI.
B. The event is logged.
C. The invalid request or response is dropped.
D. The port is placed into err-disabled mode.
E. The port is placed into arp-inconsistent mode.
3. Dynamic ARP Inspection uses a database created by what other service or protocol?
That one's short answer. : )
The answers right after this brief, important message!
And now... the answers!
1. (A). Dynamic ARP Inspection only examines ARP messages as they arrive ("ingress ports").
2. (B, C). Invalid ARP messages will be dropped and logged. DAI ports are considered untrusted by default.
3. Dynamic ARP Inspection uses the DHCP Snooping database (so DHCP Snooping has to be running in order to use DAI).
Since today's questions are on DAI, let's watch a video on the same subject! See you Friday with more new questions and videos!