200-301 Question #837: Real Exam Question with Answer & Explanation

The correct answer is B: restrict. The restrict port security violation mode drops traffic from unknown MAC addresses, sends an SNMP trap, and increments a violation counter.

Submitted by satoshi_tk· Mar 5, 2026Security Fundamentals

Question

Which port security violation mode drops traffic from unknown MAC addresses and sends an SNMP trap?

Options

Aprotect
Brestrict
Cshutdown
Dshutdown VLAN

Explanation

The restrict port security violation mode drops traffic from unknown MAC addresses, sends an SNMP trap, and increments a violation counter.

Common mistakes.

A. In protect mode, frames from unknown MAC addresses are dropped when the maximum number of secure MAC addresses is exceeded, but no notifications are sent.
C. In shutdown mode, the interface is immediately put into an error-disabled state, effectively shutting down the port and dropping all traffic, rather than just dropping unknown MAC address traffic.
D. Shutdown VLAN is not a valid port security violation mode.

Concept tested. Port security violation modes

Reference. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/12-2_55_se/configuration/guide/scg/swethsec.html

Topics

#Port security#Violation modes#MAC address filtering

Community Discussion

No community discussion yet for this question.

Full 200-301 Practice Browse All 200-301 Questions