Which is the result of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled?

Which is the result of enabling IP Source Guard on an untrusted switch port that does not have DHCP snooping enabled?

A.
DHCP requests will be switched in the software, which may result in lengthy response times.

B.
The switch will run out of ACL hardware resources.

C.
All DHCP requests will pass through the switch untested.

D.
The DHCP server reply will be dropped and the client will not be able to obtain an IP address.

Explanation:
IP Source Guard is a security feature that restricts IP traffic on untrusted Layer 2 ports by filtering traffic based on the DHCP snooping binding database or manually configured IP source bindings. This feature helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host. Any IP traffic coming into the interface with a source IP address other than that assigned (via DHCP or static configuration) will be filtered out on the untrusted Layer 2 ports.
The IP Source Guard feature is enabled in combination with the DHCP snooping feature on untrusted Layer 2 interfaces. It builds and maintains an IP source binding table that is learned by DHCP snooping or manually configured (static IP source bindings). An entry in the IP source binding table contains the IP address and the associated MAC and VLAN numbers. The IP Source Guard is supported on Layer 2 ports only, including access and trunk ports.