nerdexam
Cisco

350-701 · Question #635

350-701 Question #635: Real Exam Question with Answer & Explanation

The correct answer is B. spoofing attacks. Port security on a switch port helps prevent spoofing attacks by restricting the MAC addresses that can send traffic through that port.

Submitted by amina.ke· Mar 30, 2026Network Security

Question

Which common threat can be prevented by implementing port security on switch ports?

Options

  • AVLAN hopping attacks
  • Bspoofing attacks
  • Cdenial-of-service attacks
  • Deavesdropping attacks

Explanation

Port security on a switch port helps prevent spoofing attacks by restricting the MAC addresses that can send traffic through that port.

Common mistakes.

  • A. VLAN hopping attacks exploit misconfigurations in trunking or double-tagging and are prevented by features like disabling DTP or using dedicated VLANs for trunks, not primarily by port security.
  • C. While port security can prevent a single device from overwhelming a port with traffic from multiple spoofed MACs, it's not the primary or most comprehensive defense against general denial-of-service attacks, which often target network services or bandwidth.
  • D. Eavesdropping attacks involve passively listening to network traffic and are prevented by encryption; port security doesn't prevent an attacker from listening if they are already connected or have compromised a connected device.

Concept tested. Switch port security MAC address enforcement

Reference. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/software/release/12_2_52_se/configuration/guide/config/swport.html

Topics

#Port security#Switch security#Layer 2 security#Spoofing prevention

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 350-701 Practice