When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? ()A、protect (drop packets with unknown source addresses)B、restrict (increment SecurityViolation counter)C、shut down (access or trunk port)D、transition (the access port to a trunking port)
When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? ()
- A、protect (drop packets with unknown source addresses)
- B、restrict (increment SecurityViolation counter)
- C、shut down (access or trunk port)
- D、transition (the access port to a trunking port)
相关考题:
When you enter the interface command auto qos voip cisco-phone on a port at the edge of a network,how does the Cisco Catalyst switch detect if a Cisco IP Phone is connected to the port?() A. by snooping the CoS marking on the incoming framesB. by using RTP hello messages between the switch port and the Cisco IP PhoneC. by using CDPD. by using DHCP snoopingE. by snooping the incoming 802.1Q VLAN tag
A network administrator must configure 200 switch ports to accept traffic from only the currently attached host devices. What would be the most efficient way to configure MAC-level security on all these ports?()A. Visually verify the MAC addresses and then telnet to the switches to enter the switchport-port security mac-address command.B. Have end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port security mac-address command.C. Use the switchport port-security MAC address sticky command on all the switch ports that have end devices connected to them.D. Use show mac-address-table to determine the addresses that are associated with each port and then enter the commands on each switch for MAC address port-security.
By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access?() A. Create an additional ACL to block the access to VLAN 1.B. Move the management VLAN to something other than default.C. Move all ports to another VLAN and deactivate the default VLAN.D. Limit the access in the switch using port security configuration.E. Use static VLAN in trunks and access ports to restrict connections.F. Shutdown all unused ports in the Catalyst switch.
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()A. Switch1(config-if)# switchport port-security maximum 1B. Switch1(config)# mac-address-table secureC. Switch1(config)# access-list 10 permit ip hostD. Switch1(config-if)# switchport p ort-security violation shutdownE. Switch1(config-if)# ip access-group 10
After enabling port security on a Cisco Catalyst switch, what is the default action when the configuredmaximum of allowed MAC addresses value is exceeded?()A、The port’s violation mode is set to restrictB、The port is shut downC、The MAC address table is cleared and the new MAC address is entered into the tableD、The port remains enabled, but bandwidth is throttled until old MAC addresses are aged out
When you enter the interface command auto qos voip cisco-phone on a port at the edge of a network,how does the Cisco Catalyst switch detect if a Cisco IP Phone is connected to the port?()A、by snooping the CoS marking on the incoming framesB、by using RTP hello messages between the switch port and the Cisco IP PhoneC、by using CDPD、by using DHCP snoopingE、by snooping the incoming 802.1Q VLAN tag
A new Catalyst switch is connected to an existing switch using a crossover cable. As a result of this, what would the switch port link lights display?()A、The switch port link lights will be off on both switches indicating the ports are not connected.B、The switch port link light will be off on one switch indicating that STP has disabled the port.C、The switch port link lights will flash amber indicating an error.D、The switch port link lights will be green indicating normal operation.
You examine the port statistics on a Cisco Catalyst switch and notice an excessive number offrames are being dropped. Which of the following are possible reasons for the drops?()A、Unknown destination MAC addressB、Bad cablingC、MAC forwarding table is fullD、Port configured for half duplexE、Port configured for full duplexF、Network congestion
What is the effect of applying the switchport trunk encapsulation dot1q command to a port on a Cisco Catalyst switch?()A、By default, native VLAN packets going out this port will be tagged.B、Without an encapsulation command, 802.1Q will be the default encapsulation if DTP fails to negotiate a trunking protocol.C、The interface will support the reception of tagged and untagged traffic.D、If the device connected to this port is not 802.1Q-enabled, it will not be able to handle 802.1Q packets.
When configuring a routed port on a Cisco multilayer switch, which of these is a required configuration task that you must perform to enable that port to function as a routed port? ()A、Enable the switch to participate in routing updates from external devices with the router command in global configuration mode.B、Enter the no switchport command to disable Layer 2 functionality at the interface level.C、Each port participating in routing of Layer 3 packets must have an IP routing protocol assigned on aperinterface level.D、Routing is enabled by default on a multilayer switch, so the port can become a Layer 3 routing interface by assigning the appropriate IP address and subnet information.
The network security policy requires that only one host be permitted to attach dynamically to each switch interfacE.If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy? ()A、Switch1(config-if)# switchport port-security maximum 1B、Switch1(config)# mac-address-table secureC、Switch1(config)# access-list 10 permit ip hostD、Switch1(config-if)# switchport port-security violation shutdownE、Switch1(config-if)# ip access-group 10
Which of the following should you enable to prevent a switch from forwarding packets with source addresses that are outside an administratively defined group? ()A、 DAIB、 STPC、 PVLAND、 port security
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。A、Switch1(config-if)# switchport port-security maximum 1B、Switch1(config)# mac-address-table secureC、Switch1(config)# access-list 10 permit ip hostD、Switch1(config-if)# switchport port-security violation shutdownE、Switch1(config-if)# ip access-group 10
A network administrator must configure 200 switch ports to accept traffic from only the currently attached host devices. What would be the most efficient way to configure MAC-level security on all these ports?()A、Visually verify the MAC addresses and then telnet to the switches to enter the switchport-port security mac-address commandB、Have end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port security mac-address commandC、Use the switchport port-security MAC address sticky command on all the switch ports that have end devices connected to themD、Use show mac-address-table to determine the addresses that are associated with each port and then enter the commands on each switch for MAC address port-security
The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()A、TestKing1(config-if)# switchport port-security maximum 1B、TestKing1(config)# mac-address-table secureC、TestKing1(config)# access-list 10 permit ip hostD、TestKing1(config-if)# switchport port-security violation shutdownE、TestKing1(config-if)# ip access-group 10
A Company switch was configured as shown below: switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security mac-address 0002.0002.0002 switchport port-security violation shutdown Given the configuration output shown above, what happens when a host with the MAC address of 0003.0003.0003 is directly connected to the switch port? ()A、 The host will be allowed to connect.B、 The port will shut down.C、 The host can only connect through a hub/switch where 0002.0002.0002 is already connected. D、 The host will be refused access.E、 None of the other alternatives apply
You need to configure port security on switch R1. Which two statements are true about this technology? ()A、 Port security can be configured for ports supporting VoIP.B、 With port security configured, four MAC addresses are allowed by default.C、 The network administrator must manually enter the MAC address for each device in order for the switch to allow connectivity.D、Withsecurity configured, only one MAC addresses is allowed by default. E、 Port security cannot be configured for ports supporting VoIP.
单选题A network administrator must configure 200 switch ports to accept traffic from only the currently attached host devices.What would be the most efficient way to configure MAC-level security on all these ports? ()AVisually verify the MAC addresses and then telnet to the switches to enter the switchport-port security mac-address command.BHave end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port security mac-address command.CUse the switchport port-security MAC address sticky command on all the switch ports that have end devices connected to them.DUse show mac-address-table to determine the addresses that are associated with each port and then enter the commands on each switch for MAC address port-security.
单选题When configuring a routed port on a Cisco multilayer switch, which of these is a required configuration task that you must perform to enable that port to function as a routed port? ()AEnable the switch to participate in routing updates from external devices with the router command in global configuration mode.BEnter the no switchport command to disable Layer 2 functionality at the interface level.CEach port participating in routing of Layer 3 packets must have an IP routing protocol assigned on aperinterface level.DRouting is enabled by default on a multilayer switch, so the port can become a Layer 3 routing interface by assigning the appropriate IP address and subnet information.
多选题The network security policy requires that only one host be permitted to attach dynamically to each switch interfacE.If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy? ()ASwitch1(config-if)# switchport port-security maximum 1BSwitch1(config)# mac-address-table secureCSwitch1(config)# access-list 10 permit ip hostDSwitch1(config-if)# switchport port-security violation shutdownESwitch1(config-if)# ip access-group 10
多选题By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access? ()ACreate an additional ACL to block the access to VLAN 1.BMove the management VLAN to something other than default.CMove all ports to another VLAN and deactivate the default VLAN.DLimit the access in the switch using port security configuration.EUse static VLAN in trunks and access ports to restrict connections.FShutdown all unused ports in the Catalyst switch.
多选题The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。ASwitch1(config-if)# switchport port-security maximum 1BSwitch1(config)# mac-address-table secureCSwitch1(config)# access-list 10 permit ip hostDSwitch1(config-if)# switchport port-security violation shutdownESwitch1(config-if)# ip access-group 10
单选题After enabling port security on a Cisco Catalyst switch, what is the default action when the configuredmaximum of allowed MAC addresses value is exceeded?()AThe port’s violation mode is set to restrictBThe port is shut downCThe MAC address table is cleared and the new MAC address is entered into the tableDThe port remains enabled, but bandwidth is throttled until old MAC addresses are aged out
单选题When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? ()Aprotect (drop packets with unknown source addresses)Brestrict (increment SecurityViolation counter)Cshut down (access or trunk port)Dtransition (the access port to a trunking port)
单选题Which of the following should you enable to prevent a switch from forwarding packets with source addresses that are outside an administratively defined group? ()A DAIB STPC PVLAND port security
单选题A Company switch was configured as shown below: switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security mac-address 0002.0002.0002 switchport port-security violation shutdown Given the configuration output shown above, what happens when a host with the MAC address of 0003.0003.0003 is directly connected to the switch port? ()A The host will be allowed to connect.B The port will shut down.C The host can only connect through a hub/switch where 0002.0002.0002 is already connected. D The host will be refused access.E None of the other alternatives apply
单选题What is the effect of applying the switchport trunk encapsulation dot1q command to a port on a Cisco Catalyst switch?()ABy default, native VLAN packets going out this port will be tagged.BWithout an encapsulation command, 802.1Q will be the default encapsulation if DTP fails to negotiate a trunking protocol.CThe interface will support the reception of tagged and untagged traffic.DIf the device connected to this port is not 802.1Q-enabled, it will not be able to handle 802.1Q packets.