Indeed you should really do both to 'cover' every possible failure situation. Otherwise you will end up with Nagios lying to you about what's going on. Mis-information is worse than no information at all!
With check_dhcp you can ask it to make sure the DHCP OFFER is coming from the correct IP address. So you can use that to check for rogue DHCP servers.
root@praxis:/usr/local/nagios/libexec# ./check_dhcp -h
check_dhcp v2018 (nagios-plugins 1.4.13)
Copyright (c) 2001-2004 Ethan Galstad (email@example.com)
Copyright (c) 2001-2007 Nagios Plugin Development Team
This plugin tests the availability of DHCP servers on a network.
Usage: check_dhcp [-v] [-u] [-s serverip] [-r requestedip] [-t timeout]
[-i interface] [-m mac]
Print detailed help screen
Print version information
Show details for command-line debugging (Nagios may truncate output)
IP address of DHCP server that we must hear from
IP address that should be offered by at least one DHCP server
Seconds to wait for DHCPOFFER before timeout occurs
Interface to to use for listening (i.e. eth0)
MAC address to use in the DHCP request
Unicast testing: mimic a DHCP relay, requires -s
Send email to firstname.lastname@example.org if you have questions
regarding use of this software. To submit patches or suggest improvements,
send email to email@example.com