Terms in this set (9)
You have just enabled port security on an interface of a Catalyst 2950 switch. You want to generate an SNMP trap whenever a violation occurs. Which feature should you enable?
What are the default switchport configuration parameters on a 2960 switch?
A maximum of 1 MAC address per port is allowed
Violation act is set to shutdown
You manage a local area network that uses Cisco 2960 switches to support 200 workstations. You have recently had a problem where some workers bring hubs into the workplace so they can use their single network connection to connect multiple devices in their office. You want to make sure that users cannot connect hubs and multiple devices to their network connection. When multiple devices on a port are protected, you want to allow the first device but no others. How should you configure switchport security?
set a maximum of 1 device per port then configure the switch to learn the MAC address
Use protect for the violation code
You have a Catalyst 2960 switch on a small area network with one server and five workstations. The file server is named SrvFs and is connected to port fa0/17 on the switch. You want to make sure that only this server can connect to port Fa0/17 but that it can send and receive frames from the five workstations on the network. What should you do?
configure switchport security to Fa0/7 to allow only MAC address of SrvFS
You have a Catalyst 2960 switch on a small local area network with one server and five workstations. The file server is named SrvFs and is connected to port fa0/17 on the switch. You want to make sure that only this server can connect to port Fa0/17. If any unauthorized devices attempt to attach, you want to disable the port until you manually re-enable it. On Fa0/17 you use the switchport port-security mac-address command to identify the MAC address of the server. What else should you include in your configuration?
switch port port-security violation shutdown
switchport port-security maximum 1
Which of the following are true of port security sticky addresses?
They are placed in the running-config file, and can be saved to the startup-config file
They can be learned automatically or manually configured
You have just enabled port security on a switch port. What are the default settings?
shutdown violation mode
Maximum of 1 device
Dynamically learned allowed addresses
You have two IP phone daisy chains as shown in the exhibit. Which of the following commands correctly configures port security on both FastEthernet 0/5 and 0/6.?
Switch(config-if)#switchport port-security maximum 3
In which of the following situations would you use port security?
You wanted to restrict the devices that could connect through a switchport