You must limit access to a printer with a persistent DHCP address of 2001:db8:0000:50::10/64 in VLAN v50 to users assigned to VLAN v50 only.
Which action would satisfy this requirement?
You must limit access to a printer with a persistent DHCP address of 2001:db8:0000:50::10/64 in VLAN v50 to users assigned to VLAN v50 only.
Which action would satisfy this requirement?
To limit access to a printer with a persistent DHCP address to users assigned to a specific VLAN only, implementing DHCP snooping on VLAN v50 is the most appropriate action. DHCP snooping ensures that only clients that are part of VLAN v50 can obtain the correct IP addresses, thereby preventing unauthorized devices from accessing the network and the printer. This enhances security by excluding rogue DHCP servers and ensuring that the DHCP address allocation is properly managed within the VLAN.
n computer networking, DHCP snooping is a series of techniques applied to improve the security of a DHCP infrastructure.[1] DHCP servers allocate IP addresses to clients on a LAN. DHCP snooping can be configured on LAN switches to exclude rogue DHCP servers and remove malicious or malformed DHCP traffic. In addition, information on hosts which have successfully completed a DHCP transaction is accrued in a database of bindings which may then be used by other security or accounting features. Other features may use DHCP snooping database information to ensure IP integrity on a Layer 2 switched domain. This information enables a network to: Track the physical location of IP addresses when combined with AAA accounting or SNMP. Ensure that hosts only use the IP addresses assigned to them when combined with source-guard a.k.a. source-lockdown[2] Sanitize ARP requests when combined with arp-inspection a.k.a. arp-protect
Prefer D. IRB interface can only accept a L3 filter, but a L3 filter cannot match mac address.