Chapter 9
A Cisco Catalyst switch connects to what should be individual user PCs. Each port has the same port security configuration, configured as follows: interface range gigabitethernet 0/1 - 24 switchport mode access switchport port-security switchport port-security mac-address sticky Which of the following answers describe the result of the port security configuration created with these commands?
If a user connects a switch to the cable, prevents multiple devices from sending data through the port Will allow any one device to connect to each port, but will not save that device's MAC address into the startup-config
In which of the following modes of the CLI could you configure the duplex setting for interface Fast Ethernet 0/5?
Interface configuration mode
By default, router interfaces are
disabled
if autonegotiation had been used, it would display
"a-half" and "a-100"
default setting of switchport port-security maximum
1
A Cisco Catalyst switch connects with its Gigabit0/1 port to an end user's PC. The end user, thinking the user is helping, manually sets the PC's OS to use a speed of 1000 Mbps and to use full duplex, and disables the use of autonegotiation. The switch's G0/1 port has default settings for speed and duplex. What speed and duplex settings will the switch decide to use? (Choose two answers.)
1000 Mbps Full duplex
Which of the following describes a way to disable IEEE standard autonegotiation on a 10/100 port on a Cisco switch?
Configure the speed 100 and duplex full interface subcommands
What happens when violation occurs in Protect
Discards offending traffic
What happens when violation occurs in Restrict
Discards offending traffic Sends log and SNMP message Increments the violation counter
What happens when violation occurs in Shutdown
Discards offending traffic Sends log and SNMP message Increments the violation counter Put in err-disable mode (discards all traffic)
Which of the following is required when configuring port security with sticky learning?
Enabling port security with the switchport port-security interface subcommand
Different levels of Port Security
Protect Restrict shutdown
A switch's port Gi0/1 has been correctly enabled with port security. The configuration sets the violation mode to restrict. A frame that violates the port security policy enters the interface, followed by a frame that does not. Which of the following answers correctly describe what happens in this scenario? (Choose 2 answers.)
The switch increments the violation counter for Gi0/1 by 1. The switch generates syslog messages about the violating traffic for the first frame.
If both the host and the switch support 1000 Mbps speeds, then the resulting connection would use
a speed of 1000 Mbps and a duplex of Full
EXEC command to save sticky address configuration
copy running-config startup-config
By default, switchport interfaces are
enabled
port security adds sticky command to the
running-config file
The Cisco IOS command that is used to control the state of an interface (switchport) is
shutdown/no shutdown command
this command causes the switch to learn the source MAC, and to add it to a switchport port-security mac-address address interface subcommand
sticky parameter
two required commands to configure port security with sticky learning
switchport port-security switchport port-security mac-address sticky
Command, with specific MAC addresses, is needed
switchport port-security mac-address