In this video, learn about DHCP snooping configuration along with its protective powers.
- [Instructor] DHCP snooping is a method to prevent … rogue DHCP servers on a network. … A rogue is any unauthorized DHCP server on a network, … either accidentally, or one with malicious intent. … When snooping is enabled on a VLAN within a switch, … it will protect any ports configured for that VLAN … that are not designated as trusted ports. … An untrusted port is going to be one … facing end users, which is the default state, … while a trusted port is going to be … either the port that connects directly to the DHCP server … or an uplink to another switch or router … that terminates the DHCP server. … In short, untrusted ports will discard any packets … that would normally be sourced from a DHCP server, … so only DHCP client requests will be allowed. … On trusted ports, either client or server packets … can be sent. … As an untrusted port goes through the DHCP process, … the switch will add the MAC address of the client, … its assigned IP, the interface it was learned on, … and the VLAN it is in to the DHCP snooping binding table. …
Note: A complete overview of the exam and registration instructions can be found at https://www.cisco.com/c/en/us/training-events/training-certifications/exams/current-list/ccna-200-301.html.
- Elements of a robust security program
- Password policy
- Access control lists
- Dynamic ARP Inspection (DAI)
- Software-defined networking
- Software-Defined Access (SDA)
- Rest APIs
- Automation platforms