Q: 5
Which IPv6 feature enables a device to reject traffic when it is originated from an address that is not
stored in the device binding table?
Options
Discussion
B . IPv6 Source Guard drops traffic if the source address isn't in the binding table, so it's specifically about that validation step. D (RA Guard) trips up a lot of people but that's for blocking rogue router advertisements, not general address source checking. Seen this on practice tests too, pretty sure it's B.
B or D? I went with D because RA Guard sounds like it could handle bad traffic generally, not just RAs. Maybe missing a detail but that's what made sense to me.
Nah, it's not D. The question's talking about blocking any traffic from addresses not bound to the port, which is what B does. D is only about filtering router advertisements, that's a common distractor here honestly. Seen similar in practice, pretty sure B is correct but let me know if you think otherwise.
Not D, B. RA Guard only handles router advertisements, but Source Guard looks at the binding table for all incoming traffic. Pretty sure that's what they're asking for here.
Pretty sure it's B since Source Guard actually checks the binding table for valid source addresses. D is only for blocking rogue router advertisements, not all unrecognized sources. Let me know if I'm missing something though.
C/D? Both seem right but I'm picking D here
B Practicing this in a lab and checking the official guide helps clear up confusion here.
For this, has anyone double-checked with the official cert guide or labbed it? Similar topics came up on some practice tests I saw.
Yeah, that's B. IPv6 Source Guard checks the binding table and drops packets if the source address isn't there. D only deals with router advertisements so it's not a match this time. Pretty sure about this, correct me if I'm missing something.
B
Be respectful. No spam.
