Why did the IP spoof feature fail to prevent the spoofed packets from being forwarded?

A company’s security policy does not allow outside computers or smart phones into their
work areas. All company-provided computers are strictly controlled using 802.1X
authentication on all of their switches. All computers obtain DHCP IP addresses from
centralized servers and all switches have IP spoofing enabled. However, one of the
computers was able to send IP spoofed packets. Why did the IP spoof feature fail to prevent
the spoofed packets from being forwarded?

A company’s security policy does not allow outside computers or smart phones into their
work areas. All company-provided computers are strictly controlled using 802.1X
authentication on all of their switches. All computers obtain DHCP IP addresses from
centralized servers and all switches have IP spoofing enabled. However, one of the
computers was able to send IP spoofed packets. Why did the IP spoof feature fail to prevent
the spoofed packets from being forwarded?

A.
802.1X feature was not enabled on the port that was directly connected to the infected
computer.

B.
IP source guard does not prevent IP spoof attacks; you need to configure the Dynamic
ARP Inspection feature.

C.
The IP source guard database timeout was set too low.

D.
The DHCP snooping feature was not enabled on any of the switches.



Leave a Reply 0

Your email address will not be published. Required fields are marked *