DHCP Snooping/DAI
To configure DHCP Snooping:
Static IP:
ip dhcp snooping
ip dhcp snooping vlan xxx
ip source binding MAC vlan xxx IP interface zzz
interface zzz
ip verify source
MAC + IP:
ip dhcp snooping
ip dhcp snooping vlan xxx
ip source binding MAC vlan xxx IP interface zzz
interface zzz
switchport port-security (etc)
ip verify source port-security
What's the difference? Well… In the first example, the switch does not filter on MAC address. If the wrong IP comes in on interface zzz (as specified by ip source binding), the switch drops the traffic. In the second example, configuring port security drops traffic if the MAC address learned via port-security is incorrect. The second example ALSO filters rogue IPs. The two are not mutually exclusive.
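The difference between the two modes, as an added Python model (not part of the original notes and not the switch's own implementation). It assumes the filter is enabled on every port shown and that the MAC check compares against the MAC in the static binding; the addresses, VLAN and port names are constructed sample values.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Binding:              # one "ip source binding MAC vlan xxx IP interface zzz" line
    mac: str
    vlan: int
    ip: str
    interface: str

@dataclass(frozen=True)
class Frame:                # the fields of an incoming IP frame the filter looks at
    src_mac: str
    src_ip: str
    vlan: int
    interface: str

def normalize_mac(mac: str) -> str:
    """Reduce aa:bb:.., aa-bb-.. or aabb.ccdd.eeff notation to 12 hex digits."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def permitted(frame: Frame, bindings: list, check_mac: bool) -> bool:
    """check_mac=False models "ip verify source" (IP only);
    check_mac=True models "ip verify source port-security" (IP and MAC)."""
    for b in bindings:
        if (b.interface, b.vlan) != (frame.interface, frame.vlan):
            continue        # binding belongs to another port or VLAN
        if b.ip != frame.src_ip:
            continue        # source IP is not the one bound to this port
        if check_mac and normalize_mac(b.mac) != normalize_mac(frame.src_mac):
            continue        # IP matches but the MAC does not
        return True
    return False            # no matching binding: the frame is dropped

# Constructed sample data (documentation addresses, made-up MACs and ports).
BINDINGS = [Binding("0011.2233.4455", 10, "192.0.2.10", "Gi0/1")]
FRAMES = {
    "bound host": Frame("00:11:22:33:44:55", "192.0.2.10", 10, "Gi0/1"),
    "wrong IP": Frame("00:11:22:33:44:55", "192.0.2.99", 10, "Gi0/1"),
    "wrong MAC, bound IP": Frame("02:00:00:00:00:01", "192.0.2.10", 10, "Gi0/1"),
    "bound pair, wrong port": Frame("00:11:22:33:44:55", "192.0.2.10", 10, "Gi0/2"),
}

def verdicts(check_mac: bool) -> dict:
    return {name: permitted(f, BINDINGS, check_mac) for name, f in FRAMES.items()}

if __name__ == "__main__":
    for name in FRAMES:
        print(f"{name:24} ip-only={verdicts(False)[name]} ip+mac={verdicts(True)[name]}")
```

Only the "wrong MAC, bound IP" frame is treated differently by the two modes: the IP-only filter passes it and the IP + MAC filter drops it.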
DAI:
ip arp inspection vlan xx
ip arp inspection filter ACL vlan xxx static
arp access-list ACL
permit ip host IP mac host MAC
Cheers
I still have pages of notes from the bootcamp to type out! Been busy!
Question for you. What did you bring to the class with you? I am assuming laptop, tons of empty notebooks and pens. Any insight from you would be great.
I brought in my laptop, my soup-to-nuts book, and my Sony PRS-505 document reader (buy one of these, don't bother researching, just buy it).
The hotel supplied us with paper, but it wasn't enough. It would be a good idea to bring your own notebook/pens with you.
Make sure your lappy has wireless and cabled Ethernet on it, because you won't know what the training venue will be supplying. An Ethernet cable would probably help too.
Cheers