Question:
Refer to the exhibit. A junior network administrator was given the task of configuring port security on SwitchA to allow only PC_A to access the switched network through port fa0/1. If any other device is detected, the port is to drop frames from this device. The administrator configured the interface and tested it with successful pings from PC_A to RouterA, and then observes the output from these two show commands. Which two of these changes are necessary for SwitchA to meet the requirements? (Choose two.)
- Port security needs to be globally enabled.
- Port security needs to be enabled on the interface.
- Port security needs to be configured to shut down the interface in the event of a violation.
- Port security needs to be configured to allow only one learned MAC address.
- Port security interface counters need to be cleared before using the show command.
- The port security configuration needs to be saved to NVRAM before it can become active.
Explanation: As we see in the output, the “Port Security” is in “Disabled” state (line 2 in the output). To enable Port security feature, we must enable it on that interface first with the command:
SwitchA(config-if)#switchport port-security
-> B is correct.
Also from the output, we learn that the switch is allowing 2 devices to connect to it (switchport port-security maximum 2) but the question requires allowing only PC_A to access the network so we need to reduce the maximum number to 1 -> D is correct.
Exam with this question: CCNA v3.0 (200-125) Study Guide – Exam Dumps
Please login or Register to submit your answer