When IP Source Guard with source IP filtering is enabled on an interface, which feature must be enabled on the access VLAN for that interface?

A.
DHCP snooping

B.
storm control

C.
spanning-tree portfast

D.
private VLAN

Explanation:
IP Source Guard Configuration Guidelines
· You can configure static IP bindings only on nonrouted ports. If you enter the ip source binding mac-address vlan vlan-id ip-address interface interface-id global
configuration command on a routed interface, this error message appears:
Static IP source binding can only be configured on switch port. · When IP source guard with source IP filtering is enabled on an interface, DHCP snooping

must be enabled on the access VLAN for that interface. · If you are enabling IP source guard on a trunk interface with multiple VLANs and DHCP snooping is
enabled on all the VLANs, the source IP address filter is applied on all the VLANs. · You can enable this feature when 802.1x port-based authentication is enabled.
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15- 0_2_EX/security/configuration_guide/b_sec_152ex_2960-x_cg/
b_sec_152ex_2960- x_cg_chapter_01110.html