Term
| With the _____ command, you can provide static MAC address security without having to type in absolutely everyone’s MAC address on the network. |
|
Definition
|
|
Term
| You can limit the number of MAC addresses on a switchport by using the _____ command. |
|
Definition
|
|
Term
| Name three main security violation actions. |
|
Definition
1. protect
2. restrict
3. shutdown |
|
|
Term
| What are the expected results of implementing "violation protect" on a switchport? |
|
Definition
| When a violation occurs in this mode, the switchport will permit traffic from known MAC addresses to continue sending traffic while dropping traffic from unknown MAC addresses. When using this mode, no notification message is sent when this violation occurs. |
|
|
Term
| What are the expected results of implementing "violation restrict" on a switchport? |
|
Definition
| The switch drops packets when a violation occurs in this mode. The switchport will permit traffic from known MAC addresses to continue sending traffic while dropping traffic from unknown MAC addresses. An SNMP message is also sent indicating that a violation has occurred. |
|
|
Term
| What are the expected results of implementing "violation shutdown" on a switchport? |
|
Definition
| The switch the interface into the error-disabled state immediately and sends an SNMP trap notification. |
|
|
Term
| What is the default switchport security, and what actions will the switch take if a security violation is detected? |
|
Definition
| The default is "violation shutdown". The port shuts down, and an SNMP trap notification is sent. |
|
|
Term
| What is the command to bring an "err-disabled" port back online? |
|
Definition
|
|
Term
| What command is used to display port-security settings for an interface or for a switch? |
|
Definition
| #show port-security int <int#> |
|
|
