Which three statements are true about DAI？（） A: DAI intercept all ARP packets on untrusted ports B: DAI determines the validity of an ARP packet based on the valid MAC address-to-IP address bindings stored in the DHCP Snooping database. C: DAI is used to prevent against a DHCP Snooping attack. D: DAI forwards all ARP packets received on a trusted interface without any checks. E: DAI forwards all ARP packets on untrusted ports. F: DAI determines the validity of an ARP packet based on the valid MAC address-to-IP address bindings stored in the CAM table.

You are employed as a system administrator at Certkiller.com. You decide to create an ASP.NETWeb application on the companies’ network. You do this using Microsoft .NET Framework v3.5.  You are in the process opf planning the establishing authentication for the Web application. Youneed to make sure that the application is able to support clients from untrusted domains. However，unknown clients should not be able to access the application.  What should you do？（） A: A B: B C: C D: D

中间人攻击或IP/MACSpoofing攻击会导致信息泄露等危害，在内网中比较常见，为了防止中间人攻击或IP/MACSpoofing攻击，可以采取的方法有（）。 A: 配置Trusted/Untrusted接口 B: 限制交换机接口上允许学习到的最多MAC地址数目 C: 使用DHCPSnooping检查DHCPREQUEST报文中CHADDR字段的功能 D: 在交换机上配置DHCPSnooping功能