Chapter 9

A Cisco Catalyst switch connects to what should be individual user PCs. Each port has the same port security configuration, configured as follows: interface range gigabitethernet 0/1 - 24 switchport mode access switchport port-security switchport port-security mac-address sticky Which of the following answers describe the result of the port security configuration created with these commands?

If a user connects a switch to the cable, prevents multiple devices from sending data through the port Will allow any one device to connect to each port, but will not save that device's MAC address into the startup-config

In which of the following modes of the CLI could you configure the duplex setting for interface Fast Ethernet 0/5?

Interface configuration mode

By default, router interfaces are

disabled

if autonegotiation had been used, it would display

"a-half" and "a-100"

default setting of switchport port-security maximum

1

A Cisco Catalyst switch connects with its Gigabit0/1 port to an end user's PC. The end user, thinking the user is helping, manually sets the PC's OS to use a speed of 1000 Mbps and to use full duplex, and disables the use of autonegotiation. The switch's G0/1 port has default settings for speed and duplex. What speed and duplex settings will the switch decide to use? (Choose two answers.)

1000 Mbps Full duplex

Which of the following describes a way to disable IEEE standard autonegotiation on a 10/100 port on a Cisco switch?

Configure the speed 100 and duplex full interface subcommands

What happens when violation occurs in Protect

Discards offending traffic

What happens when violation occurs in Restrict

Discards offending traffic Sends log and SNMP message Increments the violation counter

What happens when violation occurs in Shutdown

Discards offending traffic Sends log and SNMP message Increments the violation counter Put in err-disable mode (discards all traffic)

Which of the following is required when configuring port security with sticky learning?

Enabling port security with the switchport port-security interface subcommand

Different levels of Port Security

Protect Restrict shutdown

A switch's port Gi0/1 has been correctly enabled with port security. The configuration sets the violation mode to restrict. A frame that violates the port security policy enters the interface, followed by a frame that does not. Which of the following answers correctly describe what happens in this scenario? (Choose 2 answers.)

The switch increments the violation counter for Gi0/1 by 1. The switch generates syslog messages about the violating traffic for the first frame.

If both the host and the switch support 1000 Mbps speeds, then the resulting connection would use

a speed of 1000 Mbps and a duplex of Full

EXEC command to save sticky address configuration

copy running-config startup-config

By default, switchport interfaces are

enabled

port security adds sticky command to the

running-config file

The Cisco IOS command that is used to control the state of an interface (switchport) is

shutdown/no shutdown command

this command causes the switch to learn the source MAC, and to add it to a switchport port-security mac-address address interface subcommand

sticky parameter

two required commands to configure port security with sticky learning

switchport port-security switchport port-security mac-address sticky

Command, with specific MAC addresses, is needed

switchport port-security mac-address