Refer to the exhibit. Which two events occur on the interface, if packets from an unknown Source address arrive after the interface learns the maximum number of secure MAC address? (Choose two.)
A.
The security violation counter dose not increment
B.
The port LED turns off
C.
The interface is error-disabled
D.
A syslog message is generated
E.
The interface drops traffic from unknown MAC address
protect—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.
restrict—Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the SecurityViolation counter to increment.
shutdown—Puts the interface into the error-disabled state immediately and sends an SNMP trap notification.
correct
Protect – When a violation occurs in this mode, the switchport will permit traffic from known MAC addresses to continue sending traffic while dropping traffic from unknown MAC addresses. When using this mode, no notification message is sent when this violation occurs.
According to question A and E are correct. However the configuration shown is saying different as allowed mac address is 4 and only 3 mac address has been learned by device.
Correct Answer A e E.
With protect mode, the only action the switch takes for a
frame that violates the port security rules is to discard
the frame. The switch does not change the port to an errdisabled
state, does not generate messages, and does not
even increment the violations counter (Official Cert Guide,
V2 pg350).
Shutdown – After violation, the switchport will be taken out of service and placed in the err-disabled state. The switchport will remain in this state until manually removed.
Protect – After violation, the switchport will permit traffic from known MAC addresses to continue sending traffic while dropping traffic from unknown MAC addresses. When using this mode, no notification message is sent when this violation occurs.
Restrict – After violation occurs, the switchport will permit traffic from known MAC addresses to continue sending traffic while dropping traffic from unknown MAC addresses. However, unlike the protect violation type, a message is also sent indicating that a violation has occurred.
This section is not available anymore. Please use the main Exam Page.200-301 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
BooleanPizza
Highly Voted 3Â years, 2Â months agonakres64
Highly Voted 3Â years, 9Â months agoriteshm42
Most Recent 2Â months, 1Â week ago[Removed]
7Â months, 2Â weeks ago[Removed]
1Â year, 4Â months agodropspablo
1Â year, 5Â months agoGoh0503
2Â years, 1Â month agoMafix
2Â years, 8Â months agoHodicek
2Â years, 11Â months agoJimmy
3Â years, 8Â months ago