200-301 - Security Fundamentals - Section 5.7
Configure and verify Layer 2 security features (DHCP snooping, dynamic ARP inspection, and port security), describe wireless security protocols (WPA, WPA2, WPA3), and configure a WLAN using WPA2 PSK in the GUI.
Protect the access layer with port security to limit MAC addresses per port, DHCP snooping to drop rogue server replies on untrusted ports, and dynamic ARP inspection to block ARP spoofing using the snooping binding table. Compare the wireless security generations - WPA, WPA2 with AES/CCMP, and WPA3 with SAE - and configure a WLAN with WPA2 pre-shared key authentication from the controller GUI.
Port securityDHCP snoopingDynamic ARP inspectionWPA/WPA2/WPA3WPA2 PSK
More in this domain
Back to all Security Fundamentals objectives, or the 200-301 cert hub.
Examworthy is not affiliated with or endorsed by Cisco. Original, blueprint-aligned practice material only.