A network administrator is configuring port security on a Cisco switch. The company security policy specifies that when a violation occurs, packets with unknown source addresses should be dropped and no notification should be sent. Which violation mode should be configured on the interfaces?

  • Post author:
  • Post category:Uncategorized
  • Post comments:0 Comments
  • Post last modified:October 29, 2020
  • Reading time:2 mins read

Last Updated on October 29, 2020 by Admin

A network administrator is configuring port security on a Cisco switch. The company security policy specifies that when a violation occurs, packets with unknown source addresses should be dropped and no notification should be sent. Which violation mode should be configured on the interfaces?

  • off
  • restrict
  • protect
  • shutdown
    Answers Explanation & Hints:

    On a Cisco switch, an interface can be configured for one of three violation modes, specifying the action to be taken if a violation occurs:
    Protect – Packets with unknown source addresses are dropped until a sufficient number of secure MAC addresses are removed, or the number of maximum allowable addresses is increased. There is no notification that a security violation has occurred.
    Restrict – Packets with unknown source addresses are dropped until a sufficient number of secure MAC addresses are removed, or the number of maximum allowable addresses is increased. In this mode, there is a notification that a security violation has occurred.
    Shutdown – The interface immediately becomes error-disabled and the port LED is turned off.

For more question and answers:

Click Here CCNA 2 SRWE v7 – Modules 10 – 13 – L2 Security and WLANs Exam Answers Full 100%

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments