![]() ![]() ![]() ![]() + Port security supports private VLAN (PVLAN) ports -> Answer B is not correct. + A secure port and static MAC address configuration are mutually exclusive. + A secure port cannot belong to an EtherChannel port-channel interface -> Answer C is correct. + A secure port cannot be a destination port for Switch Port Analyzer (SPAN) -> Answer E is not correct. Port Security Guidelines and Restrictionsįollow these guidelines when configuring port security: The “sticky” command learns all the dynamic secure MAC addresses, including those that were dynamically learned before sticky learning was enabled, not the first MAC address so answer B is not correct. The default behavior for a security violation is to shut down that port permanently. + shutdown – Puts the interface into the error-disabled state immediately and sends an SNMP trap notification. + restrict – Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment. + protect – Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value. There are three port security violation modes: In this questions we know that all access ports have port security sticky enabled so port security is still enabled on the older switch port (as we only removed the PC and clear the port security on the new one) -> E is correct (although D is also correct but E is better).Īnswer C is not correct as other access ports do not have any effect on these two ports. The new network switch port keeps going back into err-disabled mode so we can deduce port security is still enabled on this port -> A is correct but B is not correct. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |