What is accomplished by the command switchport port-security violation restrict?

A. The switch will generate a log message but will not block any packets.

B. The switch will drop packets that are in violation and generate a log message.

C. The switch will drop packets that are in violation, but not generate a log message.

D. The switch will shut down the interface when packets in violation are detected.








 

Suggested Answer: B

The command switchport port-security violation restrict drops packets that are in violation and generates a log message. The complete syntax of the command is: switch(config-if)# switchport port-security violation restrict
The port security command is used to lock a port down to specific MAC addresses. The three keywords that can be used with this command are protect, restrict, and shutdown. The protect keyword tells the port to drop packets without generating a log message for packets that are in violation. The restrict keyword tells the port to drop packets and generates a log message for packets that are in violation. The shutdown keyword causes the port to be disabled if a violation is detected.
There is no option to generate a log message but not block any packets.
Objective:
Infrastructure Security -
Sub-Objective:
Configure and verify switch security features
References:
Cisco > Catalyst 6500 Release 15.0SY Software Configuration Guide > Security > Port Security > How to Configure Port Security

This question is in 300-115 Implementing Cisco IP Switched Networks (SWITCH) Exam
For getting Cisco Certified Network Professional (CCNP) Routing and Switching Certificate





Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Cisco.
Trademarks, certification & product names are used for reference only and belong to Cisco.
The website does not contain actual questions and answers from Cisco's Certification Exam.