Cisco Certified Network Professional Practice Test

Remove ads, get exclusive features. Starting from $5.99

SPONSORED: TopResume US | Land Your Next Job Faster with a Professionally Written Resume

Question: 1 / 655

What is the default trust status for ports when DHCP Snooping is enabled?

All ports are trusted

All ports are untrusted

When DHCP Snooping is enabled on a network switch, the default trust status for all ports is untrusted. This is crucial because DHCP Snooping helps to protect against rogue DHCP servers, which could assign incorrect IP addresses and cause network issues. By setting all ports to untrusted by default, the switch only allows DHCP messages from trusted sources, typically ports connecting to legitimate DHCP servers.

This configuration helps to ensure that only specific ports designated as trusted can send DHCP replies, while all other ports, which may be connected to end-user devices, cannot send DHCP offers or responses. Administrators can then selectively configure trusted ports as needed, ensuring the integrity of the DHCP process and enhancing overall network security.

Get further explanation with Examzify DeepDiveBeta

Mixed trust status based on configuration

Only certain VLANs are trusted

Next Question

Report this question

Download Cisco Certified Network Professional Practice Test PDF Study Guide

Cisco Certified Network Professional Practice Test

Get the latest from Examzify