Section 4.7 Port Security

Ace your homework & exams now with Quizwiz!

In which of the following situations would you use port security?

You wanted to restrict the devices that could connect through a switch port.

What are the default switchport configuration parameters on a 2960 switch? (Select two.)

A maximum of 1 MAC address per port is allowed. Violation action is set to shutdown.

You've just enabled port security on an interface of a Catalyst 2950 switch. You want to generate an SNMP trap whenever a violation occurs. Which feature should you enable?

restrict

You are the network administrator for a city library. Throughout the library are several groups of computers that provide public access to the Internet. Supervision of these computers has been difficult. You've had problems with patrons bringing personal laptops into the library and disconnecting the network cables from the library computers to connect their laptops to the Internet. The library computers are in groups of four. Each group of four computers is connected to a hub that is connected to the library network through an access port on a Catalyst 2960 switch. You want to restrict access to the network so only the library computers are permitted connectivity to the Internet. What can you do?

Configure port security on the switch.

You have a Catalyst 2960 switch on a small local area network with one server and five workstations. The file server is named SrvFS and is connected to port Fa0/17 on the switch. You want to make sure that only this server can connect to port Fa0/17, but that it can send and receive frames from the five workstations on the network. What should you do?

Configure switchport security on Fa0/17 to allow only the MAC address of SrvFS.

You have configured port security for the Fa0/3 interface. To test the security settings, you connect two workstations to the same port. Both are allowed to connect. You check the running-config file and find the following for the interface: interface FastEthernet0/3 switchport mode access switchport port-security mac-address sticky You want to allow only a single device to connect to this port. What should you do?

For the interface, use the switchport port-security command.

You are configuring a new 2960 switch. You issue the following commands: interface fast 0/15 switchport mode access switchport port-security switchport port-security maximum 1 switchport port-security mac-address sticky switchport port-security violation protect You connect a hub with two workstations to port Fa0/15. You power on first Device1 and then Device2. What will be the result?

Frames from Device1 will be allowed; frames from Device2 will be dropped.

You have just enabled port security on a switch port. What are the default settings? (Select three.)

Maximum of 1 device Dynamically-learned allowed addresses Shutdown violation mode

You are troubleshooting the connections on a switch. The device connected to the switch on fa0/8 is powered on. Which would you do to correct the status of Fa0/8?

Replace the cable.

You have two IP phone daisy chains as shown in the exhibit. Which of the following commands correctly configures port security on both FastEthernet 0/5 and 0/6? (Select two.)

Switch (config-if) #switchport port-security maximum 3 Switch (config-if) #switchport port-security

You have a Catalyst 2960 switch on a small local area network with one server and five workstations. The file server is named SrvFS and is connected to port Fa0/17 on the switch. You want to make sure that only this server can connect to port Fa0/17. If any unauthorized devices attempt to attach, you want to disable the port until you manually re-enable it. On Fa0/17, you use the switchport port-security mac-address command to identify the MAC address of the server. What else should you include in your configuration? (Select two.)

switchport port-security violation shutdown switchport port-security maximum 1

You have a switch that has port security on the Fa0/3 interface. The output of the show port-security interface fa0/3 command is shown below: What is true of the configuration? (Select two.)

The port allows up to two connected devices. The port has learned one MAC address and saved that address in the running-config file.

You have a switch that has port security on the Fa0/3 interface. The output of the show port-security interface fa0/3 command is shown below: What is true of the configuration? (Select two.)

The port has been disabled because too many MAC addresses have been detected.

Which of the following are true of port security sticky addresses? (Select two.)

They can be learned automatically or manually configured. They are placed in the running-config file, and can be saved to the startup-config file.

You are troubleshooting the connections on a switch. Which would you do to correct the status shown for Fa0/12?

Use the no shutdown command.


Related study sets

highlighted questions with mackenzie

View Set

Chapter 13: Palliative and End-of-Life Care

View Set

Nutrition Ch. 12: Global Nutrition

View Set

MGMT 3720: Chapter 7 - Motivation Concepts

View Set

Chapter 20: Transition to Parenthood

View Set

Leadership Exam 3 Practice Questions & Lippincott Questions

View Set