Implementing and Operating Cisco Security Core Technologies (SCOR) — Question 33

A network administrator configures Dynamic ARP Inspection on a switch. After Dynamic ARP Inspection is applied, all users on that switch are unable to communicate with any destination. The network administrator checks the Interface status of all interfaces, and there is no err-disabled interface. What is causing this problem?

Answer options

• A. DHCP snooping has not been enabled on all VLANs
• B. Dynamic ARP inspection has not been enabled on all VLANs
• C. The ip arp inspection limit command is applied on all interfaces and is blocking the traffic of all users
• D. The no ip arp inspection trust command is applied on all user host interfaces

Correct answer: A

Explanation

The correct answer is A because DHCP snooping must be enabled for Dynamic ARP Inspection to function correctly; without it, the switch cannot validate ARP packets, leading to communication failure. Options B and C are incorrect since the problem is specifically related to the absence of DHCP snooping, and option D does not directly relate to the inability to communicate with destinations.