Home > ICND1 – Port Security

ICND1 – Port Security

June 20th, 2017 in ICND1 100-105 Go to comments

[am4show have=’p2;’]

Premium Member: You can test your knowledge with these questions first via this link.

[/am4show]

Question 1

[am4show have=’p2;’]By default, how many MAC addresses are permitted to be learned on a switch port with port security enabled?

A. 8
B. 2
C. 1
D. 0

 

Answer: C[/am4show]

Explanation

By default, port security limits the MAC address that can connect to a switch port to one. If the maximum number of MAC addresses is reached, when another MAC address attempting to access the port a security violation occurs.

Question 2

[am4show have=’p2;’]Which option is the default switch port port-security violation mode?

A. shutdown
B. protect
C. shutdown vlan
D. restrict

 

Answer: A[/am4show]

Explanation

Shutdown is the default switch port port-security violation mode. When in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable recovery cause CLI command or by disabling and re-enabling the switchport.

Question 3

[am4show have=’p2;’]What is the purpose of the switchport command?

Switch(config-if)# switchport port-security maximum 1
Switch(config-if)# switchport port-security mac-address 0018.DE8B.4BF8

A. It ensures that only the device with the MAC address 0018.DE8B.4BF8 will be able to connect to the port that is being configured.
B. It informs the switch that traffic destined for MAC address 0018.DE8B.4BF8 should only be sent to the port that is being configured.
C. It will act like an access list and the port will filter packets that have a source or destination MAC of 0018.DE8B.4BF8.
D. The switch will shut down the port of any traffic with source MAC address of 0018.DE8B.4BF8.

 

Answer: A[/am4show]

Question 4

[am4show have=’p2;’]Which statement is a Cisco best practice for switch port security?

A. Vacant switch ports must be shut down.
B. Empty ports must be enabled in VLAN 1.
C. VLAN 1 must be configured as the native VLAN.
D. Err-disabled ports must be configured to automatically re-enable.

 

Answer: A[/am4show]

Question 5

[am4show have=’p2;’]An administrator connects devices to a switch and wants dynamically learned MAC addresses and add them to the running config. What accomplishes this?

A. Enable port security and use the keyword sticky
B. Set the switchport mode to trunk and save the running configuration
C. Use the switchport protected command to have the MAC addresses added to the configuration
D. Use the no switchport port-security command to allow MAC addresses to be added to the configuration

 

Answer: A[/am4show]

Comments (8) Comments
  1. lin
    July 18th, 2017

    hi all here only the Explanation how to get the question

  2. Lackadaisical_Cisco
    July 26th, 2017

    I HAVE SAME QUERY @lin

  3. will
    July 28th, 2017

    Become a member, it’s worth the money.

  4. potion
    January 23rd, 2018

    obviously you have to purchase a premium membership to view the questions..

  5. FSociety
    June 13th, 2018

    @potion. Not that obvious. You didn’t use to have to buy a membership to see the questions.

  6. need help
    June 19th, 2018

    about to write next month what material should i use

  7. Hey
    April 24th, 2019

    How to get questions?

  8. Anonymous
    October 10th, 2019

    Hi there, any one has the ICND2 questions, plsssssssssssss, tacevesr at gm