Ch.10 Layer 2 switching
Write the command that generated the following output.
show mac address-table
What command will show you the forward/filter table??
show mac-address table
what two commands can you use to verify that port security has been configured on a port fastethernet 0/12?
show port-securit int f0/12, show running-config
Write the command required to disable the port if a security violation occurs. write the command and not the prompt?
switchport port-security violation shutdown
In the work area in the following graphic, draw the functions of a switch from the list on the left to the right.
Address learning Forward/filter decisions Loop avoidance
what are the three switch functions at layer 2?
Address learning, Forward/filter decisions, Loop avoidance
Which of the following methods will ensure that only one specific host can connect to port f0/3 on a switch?
Configure statically, configure it to accept only one MAC address.
Restrict?
Drops packets with unknown addresses until enough have dropped. Generates log message to SNMP trap.
Protect?
Drops packets with unknown source addresses until enough secure mac addresses drop below maximum value
True/False: The layer 2 switch must have an IP address set and the PCs connecting to the switch must use that address as their default gateway?
False
If a destination MAC address is not in the forward/filter table, what will the switch do with the frame?
Forward out of all frames except the one it received the frame on
which of the following is not an issue addressed by STP?
Gateway redundancy
Shutdown?
Is the default violation mode, puts interface into error-disabled state. sends an SNMP trap. perform shut/no shutdown command to make interface usable again
Which of the following statements is not true with regard to layer 2 switching?
Layer 2 switches and bridges are faster than router because they don't take up time looking at the Data-Link layer header information.
The conference room has a switch port available for use by the presenter during classes, and each presenter uses the same PC attached to the port. You would like to prevent other PCs from using that port. you have completely removed the former configuration in order to start anew. Which of the following steps is not required to prevent any other PCs from using the port?
Make the port a trunk port
Which violation mode drops packets with unknown source addresses until you remove enough secure MAC addresses to drop below the maximum but also generates a log message, causes the security violation counter to increment, and sends an SNMP trap but does not disable the port?
Protect
What does the sticky keyword in the port-security command provide?
Provide static MAC addresses without having to type in the address
What statements is/are true about the output shown here?
Requires the no shutdown command
Which two violation modes send out an SNMP trap?
Restrict and Shutdown
Which two of the following switch port violation modes will alert you via SNMP that a violation has occured on that port?
Restrict, shutdown
What issues arises when redundancy exists between switches is shown in the figure?
Routing loop
____is the loop avoidance mechanism used by switches.
STP
If a frame is received on a switchport and the source MAC address is not in the forward/filter table, what will the switch do?
Send frame out of all the ports except the one it was received on
In the diagram shown, what will the switch do if a frame with a destination mac ADDRESS OF 000A.f467.63b1 is receieved on f0/4?
Sends the frame out of all the ports except the one it was recieved on (from the switch)
which Cisco IOS command is used to verify the port security configuration of a switch port?
Show port-security interface
What will be the effect of executing the following command on port f0/1?
Statically defines a mac address to be allowed on the port.
what are the default modes for a switch port configured with port security?
Switchport mod desirable
Which of the following commands in this configuration is a prerequisite for the other commands to function?
Switchport port-security
Write the command that would limit the number of MAC addresses allowed on a port to 2. write only the command and not the prompt.
Switchport port-security maximum 2
Write the command that will save a dynamically learned MAC address in the running-configuration of a Cisco switch?
Switchport security mac-address sticky
On which default interface have you configured an iP address for a switch?
VLAN 1
Write the command that must be present on any switch that you need to manage from a different subnet.
ip default-gateway
List the two commands that generated the last entry in the MAC address table shown.
mac address-table static show mac address-table
