ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-115 All Questions

View all questions & answers for the 300-115 exam
Go to Exam

Exam 300-115 topic 5 question 157 discussion

Actual exam question from Cisco's 300-115
Question #: 157
Topic #: 5
[All 300-115 Questions]

Which PVLAN port type can only send frames to promiscuous ports?

  • A. private
  • B. promiscuous
  • C. isolated
  • D. community
  • E. public C
Show Suggested Answer Hide Answer
Suggested Answer: Explanation 🗳️
There are three types of ports in a private VLAN (PVLAN): promiscuous, isolated, and community. A PVLAN isolated port type can only send frames to promiscuous ports.
Consider the following graphic:

Host B is attached to a promiscuous mode port. In this mode, Host B can send and receive frames with other promiscuous, isolated, or community ports assigned to the same privateVLAN. Therefore, frames can be exchanged with Hosts A or C. Hosts A and C are attached to isolated ports. Isolated ports are able to send frames to promiscuous ports but not to each other.
Isolated and promiscuous ports can be combined to achieve a desired level of separation between particular machines while still allowing required access to services. As another example, suppose that security policy dictated that Host A and Host C cannot communicate with one another, but both computers needed to access a database on Host B. The isolated ports keep them from communicating with one another, while the use of a promiscuous port to Host B allows them to access the database. Any other resources in the network that either machine needs access to should be therefore connected with a promiscuous port.
The third type of port is a community port. A community port can communicate with other community ports of the same private VLAN or promiscuous ports.
Objective:

Infrastructure Security -
Sub-Objective:
Configure and verify switch security features
References:
Cisco > Home > Support > Product Support > End-of-Sale and End-of-Life Products > Cisco Catalyst 6000 Series Switches > Configure > Configuration Examples and Technotes > Securing Networks with Private VLANs and VLAN Access Control Lists
by Alice2020 at Jan. 16, 2020, 11:16 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Alice2020
5 years, 5 months ago
ISOLATED IS THE ANSWER
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel