You are the network administrator in your company. You have executed the following commands on the Fa0/1 interface of a switch named swtA: Over a period of time, different hosts are connected to the Fa0/1 switch port of swtA. The MAC addresses of the hosts that were connected to the Fa0/1 port and the order in which they connected are as follows: After a few days, you notice that the Fa0/1 port is in the shutdown state. Which of the following MAC addresses causes the Fa0/1 port to shut down? A. 2222.2222.2222 B. 3333.3333.3333 C. 4444.4444.4444 D. 5555.5555.5555 Â Suggested Answer: D The MAC address 5555.5555.5555 caused the Fa0/1 port to shut down because it violates the port security enabled on the port. The switchport port-security maximum 4 command allows at most four MAC addresses or hosts to be connected to the Fa0/1 switch port. Two secure MAC addresses, 1111.1111.1111 and 3333.3333.3333, are statically configured on the Fa0/1 port by using the switchport port-security mac-address command. This implies that these two MAC addresses are allowed to be connected to the Fa0/1 port. The switchport port-security mac-address sticky command enables sticky learning of MAC addresses on the Fa0/1 port. With sticky learning, the dynamically learned MAC addresses are stuckto the port. The first MAC address that is connected to the port becomes the sticky secure address. In this case, 1111.1111.1111 and 3333.3333.3333 MAC addresses are statically configured as secure addresses. This implies that there can be at most two sticky secure MAC addresses for Fa0/1. The hosts w Objective: Infrastructure Security - Sub-Objective: Configure and verify switch security features References: Cisco > Catalyst 6500 Series Release 15.0SY Software Configuration Guide > Security > Port Security Cisco IOS Security Command Reference > show vlan group Through switchport port-security violation > switchport port-security mac-address Cisco IOS Security Command Reference > show parameter-map type consent Through show users > show port-security This question is in 300-115 Implementing Cisco IP Switched Networks (SWITCH) Exam For getting Cisco Certified Network Professional (CCNP) Routing and Switching Certificate Disclaimers: The website is not related to, affiliated with, endorsed or authorized by Cisco. Trademarks, certification & product names are used for reference only and belong to Cisco. The website does not contain actual questions and answers from Cisco's Certification Exam.
Please login or Register to submit your answer