ExamTopics Logo
Mail Us[email protected]
Menu
Cisco Discussions
exam questions

Exam 300-115 All Questions

View all questions & answers for the 300-115 exam
Go to Exam

Exam 300-115 topic 4 question 66 discussion

Actual exam question from Cisco's 300-115
Question #: 66
Topic #: 4
[All 300-115 Questions]

In which two ways can a port respond to a port-security violation? (Choose two.)

  • A. The port enters the err-disabled state
  • B. The port enters the shutdown state
  • C. The port triggers an EEM script to notify support staff and continues to forward traffic normally
  • D. The SecurityViolation counter is incremented and the port sends an SNMP trap
  • E. The SecurityViolation counter is incremented and the port sends a critical syslog message to the console
  • F. The port immediately begins to drop all traffic
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
protect - The PFC drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value. restrict - The PFC drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and causes the security violation counter to increment. shutdown - Puts the interface into the error-disabled state immediately and sends an SNMP trap notification.
Restrict increments the counter and sends an SNMP trap. And shutdown puts the interface in err-disabled state.
by Floyd at March 25, 2019, 2:32 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Janhattal
5 years ago
Correct Answer B, D
upvoted 1 times
Kierewiet
4 years, 10 months ago
A and D And shutdown puts the interface in err-disabled state.
upvoted 1 times
...
...
james
5 years, 3 months ago
I don't agree with this. According to Cisco's documentation, there are 3 ways a port can react if there is a port-security violation: protect: Drops all the packets from the insecure hosts at the port-security process level but does not increment the security-violation count. restrict: Drops all the packets from the insecure hosts at the port-security process level and increments the security-violation count. shutdown: Shuts down the port if there is a security violation. https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/nxos/commands/l2/switchport-port-security-violation.html
upvoted 2 times
...
Floyd
5 years, 8 months ago
While I agree that the answers given are correct by the documentation, a very good argument can be made for answer E as well. If you have worked with this stuff long enough you will have seen this log message that does appear on the console. *Mar 1 02:00:02.643: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address ecf4.bb65.371f on port FastEthernet0/5. As you can see it is level 2 which is a critcal message. So it may be better to change the wording on E to maybe level 1 or level 4. Just my opinion.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago