Exam 200-120 Question id=25 IP Services

interface FastEthernet0/21 switchport mode access switchport port-security switchport port-security maximum 2 switchport port-security mac-address sticky end

Which of these correctly describes the results of port security violation of an unknown packet?

A. port enabled; unknown packets dropped; no SNMP or syslog messages
B. port enabled; unknown packets dropped; SNMP or syslog messages
C. port disabled; no SNMP or syslog messages
D. port disabled; SNMP or syslog messages
previous question
next question

switch#sh port-security int fa0/21 Port Security : Enabled Port Status : Secure-down Violation Mode : Shutdown Aging Time : 0 mins Aging Type : Absolute SecureStatic Address Aging : Disabled Maximum MAC Addresses : 2 Total MAC Addresses : 0 Configured MAC Addresses : 0 Sticky MAC Addresses : 0 Last Source Address : 0000.0000.0000 Security Violation Count : 0

The action that the device takes when one of these violations occurs can be configured:
Protect -This mode permits traffic from known MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the
allowed MAC address limit. When configured with this mode, no notification action is taken when traffic is dropped. Restrict--This mode permits traffic from known
MAC addresses to continue to be forwarded while dropping traffic from unknown MAC addresses when over the allowed MAC address limit. When configured with
this mode, a syslog message is logged, a Simple Network Management Protocol (SNMP) trap is sent, and a violation counter is incremented when traffic is
dropped.
Shutdown - This mode is the default violation mode; when in this mode, the switch will automatically force the switchport into an error disabled (err-disable) state
when a violation occurs. While in this state, the switchport forwards no traffic. The switchport can be brought out of this error disabled state by issuing the errdisable
recovery cause CLI command or by disabling and re-enabling the switchport.
Shutdown VLAN - This mode mimics the behavior of the shutdown mode but limits the error disabled state the specific violating VLAN.



WARNING

the answers are mixed, do not specify in the comment number or the letter of the answer
please write answer#A instead A, answer#B instead B...
Subject:

only logged users can write comments