A Cisco Catalyst switch connects to what should be individual user PCs. Each port has the same port security configuration, configured as follows:
interface range gigabitethernet 0/1 - 24 switchport mode access switchport port-security switchport port-security mac-address sticky
Which of the following answers describe the result of the port security configuration created with these commands? (Choose two answers.)
- Prevents unknown devices with unknown MAC addresses from sending data through the switch ports.
- If a user connects a switch to the cable, prevents multiple devices from sending data through the port.
- Will allow any one device to connect to each port and will save that device’s MAC address into the startup-config.
- Will allow any one device to connect to each port but will not save that device’s MAC address into the startup-config.
Explanation: First, about the sticky parameter…this command causes the switch to learn the source MAC and to add it to a switchport port-security mac-address address interface subcommand. However, port security adds that command to the running-config file; the network engineer must also issue a copy running-config startup-config EXEC command to save that configuration.
About the other correct answer, users can connect a switch to the end of the cable, with multiple devices connected to that switch. That happens in real networks when users decide they need more ports at their desk. However, the default setting of switchport port-security maximum 1 means that a frame from the second unique source MAC address would cause a violation, and with the default violation action, to err-disable the port.
For the other incorrect answer, the configuration does not prevent unknown MAC addresses from accessing the port because the configuration does not predefine any MAC address.
Please login or Register to submit your answer