Which port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?

Questions BankCategory: CCNAWhich port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?
ITExamAnswers Staff asked 2 months ago
Question:
Which port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?

  • protect
  • shutdown
  • shutdown vlan
  • restrict

Explanation: In fact both “protect” and “restrict” mode allows traffic from passing with a valid MAC address so this question is not good. This is a quote from Cisco for these two modes:

protect: drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.

restrict: drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.pdf

Therefore the only difference between these two modes is “restrict” mode causes the SecurityViolation counter to increment (only useful for statistics).

More Questions: CCNA v3.0 (200-125) Study Guide – Exam Dumps



Your Answer







Related Articles