Which port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?

Jul 27, 2020 Last Updated: Jul 27, 2020 No Comments
Tweet Share Pin it
IT Questions BankWhich port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?

Question:
Which port security violation mode allows traffic from valid mac address to pass but block traffic from invalid mac address?

  • protect
  • shutdown
  • shutdown vlan
  • restrict

Explanation: In fact both “protect” and “restrict” mode allows traffic from passing with a valid MAC address so this question is not good. This is a quote from Cisco for these two modes:

protect: drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.

restrict: drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment.

Reference: https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.pdf

Therefore the only difference between these two modes is “restrict” mode causes the SecurityViolation counter to increment (only useful for statistics).

Exam with this question: CCNA v3.0 (200-125) Study Guide – Exam Dumps

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x