200-101 · Question #30
The following configuration is applied to a Layer 2 Switch: `` interface fastethernet 0/4 switchport mode access switchport port-security switchport port-security mac-address 0000.1111.1111 switchport
The correct answer is B. A host with a mac address of 0000.1111.1111 and one other host can connect to Fast Ethernet 0/4 simultaneously D. The switch can send an SNMP message to the network management station. Breaking down the configuration: switchport port-security maximum 2 allows a maximum of 2 MAC addresses on the port. switchport port-security mac-address 0000.1111.1111 statically assigns one MAC address. This means the static MAC (0000.1111.1111) counts as 1 of the 2 allowed, le
Question
interface fastethernet 0/4
switchport mode access
switchport port-security
switchport port-security mac-address 0000.1111.1111
switchport port-security maximum 2
switchport port-security
What is the result of the above configuration being applied to the switch?Exhibit
Options
- AA host with a mac address of 0000.1111.1111 and up to two other hosts can connect to FastEthernet 0/4 simultaneously
- BA host with a mac address of 0000.1111.1111 and one other host can connect to Fast Ethernet 0/4 simultaneously
- CViolating addresses are dropped and no record of the violation is kept
- DThe switch can send an SNMP message to the network management station
- EThe port is effectively shutdown
How the community answered
(21 responses)- A5% (1)
- B76% (16)
- C14% (3)
- E5% (1)
Explanation
Breaking down the configuration: switchport port-security maximum 2 allows a maximum of 2 MAC addresses on the port. switchport port-security mac-address 0000.1111.1111 statically assigns one MAC address. This means the static MAC (0000.1111.1111) counts as 1 of the 2 allowed, leaving room for exactly one additional dynamically learned MAC - making B correct. The violation mode is not specified, so it defaults to shutdown. In shutdown mode, when a violation occurs, the port is placed into err-disabled state AND the switch sends an SNMP trap notification to the network management station - making D correct. Choice A is wrong (maximum is 2 total, not 2 additional). Choice C is wrong (shutdown and restrict modes DO log violations). Choice E is wrong (the port is not pre-emptively shut down - it only shuts down upon a violation).
Topics
Community Discussion
No community discussion yet for this question.
