A company’s security policy does not allow outside computers or smart phones into their work areas. All company-provided computers are strictly controlled using 802.1X authentication on all of their switches. All computers obtain DHCP IP addresses from centralized servers and all switches have IP spoofing enabled. However, one of the computers was able to send IP spoofed packets.
Why did the IP spoof feature fail to prevent the spoofed packets from being forwarded?
The IP source guard database timeout was set too low.
The DHCP snooping feature was not enabled on any of the switches.
IP source guard does not prevent IP spoof attacks; you need to configure the Dynamic ARP Inspection feature.
802.1X feature was not enabled on the port that was directly connected to the infected computer.