Which of the following is required when configuring port security with sticky learning?

Port Security

All switch ports (interfaces) should be secured before the switch is deployed for production use. One way to secure ports is by implementing a feature called port security. Port security limits the number of valid MAC addresses allowed on a port. The MAC addresses of legitimate devices are allowed access, while other MAC addresses are denied.

Port security can be configured to allow one or more MAC addresses. If the number of MAC addresses allowed on the port is limited to one, then only the device with that specific MAC address can successfully connect to the port.

If a port is configured as a secure port and the maximum number of MAC addresses is reached, any additional attempts to connect by unknown MAC addresses will generate a security violation. Figure 1 summarizes these points.

Secure MAC Address Types

There are a number of ways to configure port security. The type of secure address is based on the configuration and includes:

  • Static secure MAC addresses - MAC addresses that are manually configured on a port by using the switchport port-security mac-address mac-address interface configuration mode command. MAC addresses configured in this way are stored in the address table and are added to the running configuration on the switch.
  • Dynamic secure MAC addresses - MAC addresses that are dynamically learned and stored only in the address table. MAC addresses configured in this way are removed when the switch restarts.
  • Sticky secure MAC addresses - MAC addresses that can be dynamically learned or manually configured, then stored in the address table and added to the running configuration.

Sticky Secure MAC addresses

To configure an interface to convert dynamically learned MAC addresses to sticky secure MAC addresses and add them to the running configuration, you must enable sticky learning. Sticky learning is enabled on an interface by using the switchport port-security mac-address sticky interface configuration mode command.

When this command is entered, the switch converts all dynamically learned MAC addresses, including those that were dynamically learned before sticky learning was enabled, to sticky secure MAC addresses. All sticky secure MAC addresses are added to the address table and to the running configuration.

Sticky secure MAC addresses can also be manually defined. When sticky secure MAC addresses are configured by using the switchport port-security mac-address sticky mac-address interface configuration mode command, all specified addresses are added to the address table and the running configuration.

If the sticky secure MAC addresses are saved to the startup configuration file, then when the switch restarts or the interface shuts down, the interface does not need to relearn the addresses. If the sticky secure addresses are not saved, they will be lost.

If sticky learning is disabled by using the no switchport port-security mac-address sticky interface configuration mode command, the sticky secure MAC addresses remain part of the address table, but are removed from the running configuration.

Figure 2 shows the characteristics of sticky secure MAC addresses.

Note that switchport port-security commands will not function until port security is enabled.
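
The two operational pitfalls described above (port-security sub-commands that do nothing because port security was never enabled on the interface, and sticky addresses that exist only in the running configuration) can be checked offline against saved configuration text. The following Python audit is an added example, not part of the original page; the sample configurations, the MAC address and the function names are constructed for illustration.

```python
import re

# Constructed sample configurations (not taken from the original page).
RUNNING = """\
interface GigabitEthernet0/1
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky
 switchport port-security mac-address sticky 0011.2233.4455
!
interface GigabitEthernet0/2
 switchport port-security maximum 1
 switchport port-security mac-address sticky
!
"""
STARTUP = """\
interface GigabitEthernet0/1
 switchport port-security
 switchport port-security mac-address sticky
!
"""

def parse(config):
    """Map interface name -> list of its 'switchport port-security' lines."""
    ports, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
            ports[current] = []
        elif line[:1] != " ":
            current = None  # any unindented line ends the interface block
        elif current and line.strip().startswith("switchport port-security"):
            ports[current].append(line.strip())
    return ports

def audit(running, startup):
    """Return (interface, finding) tuples for the two pitfalls."""
    run, start = parse(running), parse(startup)
    findings = []
    for name, cmds in run.items():
        # Sub-commands do not function until the bare enabling command is present.
        if cmds and "switchport port-security" not in cmds:
            findings.append((name, "not-enabled"))
        for cmd in cmds:
            m = re.fullmatch(r"switchport port-security mac-address sticky (\S+)", cmd)
            # A sticky address survives a restart only if saved to the startup config.
            if m and cmd not in start.get(name, []):
                findings.append((name, "unsaved-sticky " + m.group(1)))
    return findings
```

Calling `audit(RUNNING, STARTUP)` on the constructed samples reports that GigabitEthernet0/1 holds a sticky address that would be lost on restart and that GigabitEthernet0/2 carries port-security settings without port security being enabled.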

A Cisco Catalyst switch connects with its Gigabit0/1 port to an end user's PC. The end user, thinking the user is helping, manually sets the PC's OS to use a speed of 1000 Mbps and to use full duplex, and disables the use of autonegotiation. The switch's G0/1 port has default settings for speed and duplex. What speed and duplex settings will the switch decide to use? (Choose two answers.)

Full duplex

1000 Mbps

In which of the following modes of the CLI could you configure the duplex setting for interface FastEthernet 0/5?

Which of the following describes a way to disable IEEE standard autonegotiation on a 10/100 port on a Cisco switch?

If a user connects a switch to the cable, prevents multiple devices from sending data through the port.

Prevents unknown devices with unknown MAC addresses from sending data through the switch ports.

Will allow any one device to connect to each port, and will save that device’s MAC address into the startup-config

Will allow any one device to connect to each port and will save that device’s MAC address into the startup-config

Which of the following is required when configuring port security with sticky learning?

Configure the no negotiate interface subcommand

Configure the duplex half interface subcommand

Configure the duplex full interface subcommand

Configure the speed 100 and duplex full interface subcommands

A switch’s port Gi0/1 has been correctly enabled with port security. The configuration sets the violation mode to restrict. A frame that violates the port security policy enters the interface, followed by a frame that does not. Which of the following answers correctly describe what happens in this scenario?

Setting the maximum number of allowed MAC addresses on the interface with the switchport port-security maximum interface subcommand

Enabling port security with the switchport port-security interface subcommand

Defining the specific allowed MAC addresses using the switchport port-security mac-address interface subcommand

All the other answers list required commands

A Cisco Catalyst switch connects with its Gigabit0/1 port to an end user’s PC. The end user, thinking the user is helping, manually sets the PC’s OS to use a speed of 1000 Mbps and to use full duplex, and disables the use of autonegotiation. The switch’s G0/1 port has default settings for speed and duplex. What speed and duplex settings will the switch decide to use?

The switch discards both the first and second frame.

The switch puts the interface into an err-disabled state when the first frame arrives.

The switch generates syslog messages about the violating traffic for the first frame.

The switch increments the violation counter for Gi0/1 by 2.

In which of the following modes of the CLI could you configure the duplex setting for interface Fast Ethernet 0/5?

Half duplex

Full duplex

10000 Mbps

10 Mbps

Configuring Switch Interfaces

What command lists the configuration settings for port security on an interface?

To display port security settings for the switch or for the specified interface, use the show port-security [interface interface-id] command. The output for the dynamic port security configuration is shown in Figure 1. By default, there is one MAC address allowed on this port.

What information does the switchport port-security command use to restrict access to a switch's interface?

  • Port security on a switch port restricts port access by MAC address.
  • By using port security, you can limit the number of MAC addresses that can be assigned dynamically to a port and set static MAC addresses.

What is the effect of entering the switchport port-security configuration command on a switch?

It enables port security globally on the switch.

It dynamically learns the L2 address and copies it to the running configuration.

It restricts the number of discovery messages, per second, to be received on the interface.

What is the default action of port security on the interface when the maximum number of MAC addresses is exceeded?

1. Shutdown. The port shuts down when the maximum number of secure MAC addresses is exceeded.