Which port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?

Questions BankWhich port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?
Which port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address? 1ITExamAnswers Staff asked 6 months ago
Question:
Which port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?

  • protect
  • shutdown
  • shutdown vlan
  • restrict

Explanation: In fact both “protect” and “restrict” mode allows traffic from passing with a valid MAC address so this question is not good. This is a quote from Cisco for these two modes:

protect: drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.

restrict: drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.pdf

Therefore the only difference between these two modes is “restrict” mode causes the SecurityViolation counter to increment (only useful for statistics).

More Questions: CCNA v3.0 (200-125) Study Guide – Exam Dumps


Related Articles