Exam 200-301 topic 1 question 642 discussion

When a port configured for "shutdown" experiences a violation, it sends an syslog message, sets the violation count to 1, then error disables. These questions are flat out wrong.

The question didn't say anything about the port being shut down what makes you so sure it's D?

copy pasted directly out of provided link •Restrict—A port security violation restricts data, causes the SecurityViolation counter to increment, and causes an SNMP Notification to be generated. The rate at which SNMP traps are generated can be controlled by the snmp-server enable traps port-security trap-rate command. The default value ("0") causes an SNMP trap to be generated for every security violation. •Shutdown—A port security violation causes the interface to shut down immediately. When a secure port is in the error-disabled state, you can bring it out of this state by entering the errdisable recovery cause psecure-violation global configuration command or you can manually reenable it by entering the shutdown and no shut down interface configuration commands. This is the default mode.

"Regarding the two correct answers, a port in port security restrict does cause the switch to issue log messages for a violating frame, send SNMP traps about that same event (if SNMP is configured), and increment the counter of violating frames." - CCNA 200-301 Vol. 2 by W. Odom So I assume that D is also an answer(only based on the book) as it also sends syslog and SNMP (if configured). But I guess it's a matter of specificity of perks unlocked, so also C for me.