网友您好, 请在下方输入框内输入要搜索的题目:

题目内容 (请给出正确答案)

When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? ()

  • A、protect (drop packets with unknown source addresses)
  • B、restrict (increment SecurityViolation counter)
  • C、shut down (access or trunk port)
  • D、transition (the access port to a trunking port)

参考答案

更多 “When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? ()A、protect (drop packets with unknown source addresses)B、restrict (increment SecurityViolation counter)C、shut down (access or trunk port)D、transition (the access port to a trunking port)” 相关考题
考题 When you enter the interface command auto qos voip cisco-phone on a port at the edge of a network,how does the Cisco Catalyst switch detect if a Cisco IP Phone is connected to the port?() A. by snooping the CoS marking on the incoming framesB. by using RTP hello messages between the switch port and the Cisco IP PhoneC. by using CDPD. by using DHCP snoopingE. by snooping the incoming 802.1Q VLAN tag

考题 A network administrator must configure 200 switch ports to accept traffic from only the currently attached host devices. What would be the most efficient way to configure MAC-level security on all these ports?()A. Visually verify the MAC addresses and then telnet to the switches to enter the switchport-port security mac-address command.B. Have end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port security mac-address command.C. Use the switchport port-security MAC address sticky command on all the switch ports that have end devices connected to them.D. Use show mac-address-table to determine the addresses that are associated with each port and then enter the commands on each switch for MAC address port-security.

考题 By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access?() A. Create an additional ACL to block the access to VLAN 1.B. Move the management VLAN to something other than default.C. Move all ports to another VLAN and deactivate the default VLAN.D. Limit the access in the switch using port security configuration.E. Use static VLAN in trunks and access ports to restrict connections.F. Shutdown all unused ports in the Catalyst switch.

考题 The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()A. Switch1(config-if)# switchport port-security maximum 1B. Switch1(config)# mac-address-table secureC. Switch1(config)# access-list 10 permit ip hostD. Switch1(config-if)# switchport p ort-security violation shutdownE. Switch1(config-if)# ip access-group 10

考题 After enabling port security on a Cisco Catalyst switch, what is the default action when the configuredmaximum of allowed MAC addresses value is exceeded?()A、The port’s violation mode is set to restrictB、The port is shut downC、The MAC address table is cleared and the new MAC address is entered into the tableD、The port remains enabled, but bandwidth is throttled until old MAC addresses are aged out

考题 When you enter the interface command auto qos voip cisco-phone on a port at the edge of a network,how does the Cisco Catalyst switch detect if a Cisco IP Phone is connected to the port?()A、by snooping the CoS marking on the incoming framesB、by using RTP hello messages between the switch port and the Cisco IP PhoneC、by using CDPD、by using DHCP snoopingE、by snooping the incoming 802.1Q VLAN tag

考题 A new Catalyst switch is connected to an existing switch using a crossover cable. As a result of this, what would the switch port link lights display?()A、The switch port link lights will be off on both switches indicating the ports are not connected.B、The switch port link light will be off on one switch indicating that STP has disabled the port.C、The switch port link lights will flash amber indicating an error.D、The switch port link lights will be green indicating normal operation.

考题 You examine the port statistics on a Cisco Catalyst switch and notice an excessive number offrames are being dropped. Which of the following are possible reasons for the drops?()A、Unknown destination MAC addressB、Bad cablingC、MAC forwarding table is fullD、Port configured for half duplexE、Port configured for full duplexF、Network congestion

考题 What is the effect of applying the switchport trunk encapsulation dot1q command to a port on a Cisco Catalyst switch?()A、By default, native VLAN packets going out this port will be tagged.B、Without an encapsulation command, 802.1Q will be the default encapsulation if DTP fails to negotiate a trunking protocol.C、The interface will support the reception of tagged and untagged traffic.D、If the device connected to this port is not 802.1Q-enabled, it will not be able to handle 802.1Q packets.

考题 When configuring a routed port on a Cisco multilayer switch, which of these is a required configuration task that you must perform to enable that port to function as a routed port? ()A、Enable the switch to participate in routing updates from external devices with the router command in global configuration mode.B、Enter the no switchport command to disable Layer 2 functionality at the interface level.C、Each port participating in routing of Layer 3 packets must have an IP routing protocol assigned on aperinterface level.D、Routing is enabled by default on a multilayer switch, so the port can become a Layer 3 routing interface by assigning the appropriate IP address and subnet information.

考题 The network security policy requires that only one host be permitted to attach dynamically to each switch interfacE.If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy? ()A、Switch1(config-if)# switchport port-security maximum 1B、Switch1(config)# mac-address-table secureC、Switch1(config)# access-list 10 permit ip hostD、Switch1(config-if)# switchport port-security violation shutdownE、Switch1(config-if)# ip access-group 10

考题 Which of the following should you enable to prevent a switch from forwarding packets with source  addresses that are outside an administratively defined group? ()A、 DAIB、 STPC、 PVLAND、 port security

考题 The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。A、Switch1(config-if)# switchport port-security maximum 1B、Switch1(config)# mac-address-table secureC、Switch1(config)# access-list 10 permit ip hostD、Switch1(config-if)# switchport port-security violation shutdownE、Switch1(config-if)# ip access-group 10

考题 A network administrator must configure 200 switch ports to accept traffic from only the currently attached host devices. What would be the most efficient way to configure MAC-level security on all these ports?()A、Visually verify the MAC addresses and then telnet to the switches to enter the switchport-port security mac-address commandB、Have end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port security mac-address commandC、Use the switchport port-security MAC address sticky command on all the switch ports that have end devices connected to themD、Use show mac-address-table to determine the addresses that are associated with each port and then enter the commands on each switch for MAC address port-security

考题 The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy?()A、TestKing1(config-if)# switchport port-security maximum 1B、TestKing1(config)# mac-address-table secureC、TestKing1(config)# access-list 10 permit ip hostD、TestKing1(config-if)# switchport port-security violation shutdownE、TestKing1(config-if)# ip access-group 10

考题 A Company switch was configured as shown below:  switchport mode access  switchport port-security   switchport port-security maximum 2 switchport port-security mac-address 0002.0002.0002   switchport port-security violation shutdown   Given the configuration output shown above,  what happens when a host with the MAC address of  0003.0003.0003 is directly connected to the switch port? ()A、 The host will be allowed to connect.B、 The port will shut down.C、 The host can only connect through a hub/switch where 0002.0002.0002 is already connected.  D、 The host will be refused access.E、 None of the other alternatives apply

考题 You need to configure port security on switch R1.  Which two statements are true about this  technology? ()A、 Port security can be configured for ports supporting VoIP.B、 With port security configured, four MAC addresses are allowed by default.C、 The network administrator must manually enter the MAC address for each device in order for  the switch to allow connectivity.D、Withsecurity configured, only one MAC addresses is allowed by default.  E、 Port security cannot be configured for ports supporting VoIP.

考题 单选题A network administrator must configure 200 switch ports to accept traffic from only the currently attached host devices.What would be the most efficient way to configure MAC-level security on all these ports? ()A Visually verify the MAC addresses and then telnet to the switches to enter the switchport-port security mac-address command.B Have end users e-mail their MAC addresses. Telnet to the switch to enter the switchport-port security mac-address command.C Use the switchport port-security MAC address sticky command on all the switch ports that have end devices connected to them.D Use show mac-address-table to determine the addresses that are associated with each port and then enter the commands on each switch for MAC address port-security.

考题 单选题When configuring a routed port on a Cisco multilayer switch, which of these is a required configuration task that you must perform to enable that port to function as a routed port? ()A Enable the switch to participate in routing updates from external devices with the router command in global configuration mode.B Enter the no switchport command to disable Layer 2 functionality at the interface level.C Each port participating in routing of Layer 3 packets must have an IP routing protocol assigned on aperinterface level.D Routing is enabled by default on a multilayer switch, so the port can become a Layer 3 routing interface by assigning the appropriate IP address and subnet information.

考题 多选题The network security policy requires that only one host be permitted to attach dynamically to each switch interfacE.If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy? ()ASwitch1(config-if)# switchport port-security maximum 1BSwitch1(config)# mac-address-table secureCSwitch1(config)# access-list 10 permit ip hostDSwitch1(config-if)# switchport port-security violation shutdownESwitch1(config-if)# ip access-group 10

考题 多选题By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access? ()ACreate an additional ACL to block the access to VLAN 1.BMove the management VLAN to something other than default.CMove all ports to another VLAN and deactivate the default VLAN.DLimit the access in the switch using port security configuration.EUse static VLAN in trunks and access ports to restrict connections.FShutdown all unused ports in the Catalyst switch.

考题 多选题The network security policy requires that only one host be permitted to attach dynamically to each switch interface. If that policy is violated, the interface should shut down. Which two commands must the network administrator configure on the 2950 Catalyst switch to meet this policy (Choose two.)()。ASwitch1(config-if)# switchport port-security maximum 1BSwitch1(config)# mac-address-table secureCSwitch1(config)# access-list 10 permit ip hostDSwitch1(config-if)# switchport port-security violation shutdownESwitch1(config-if)# ip access-group 10

考题 单选题After enabling port security on a Cisco Catalyst switch, what is the default action when the configuredmaximum of allowed MAC addresses value is exceeded?()A The port’s violation mode is set to restrictB The port is shut downC The MAC address table is cleared and the new MAC address is entered into the tableD The port remains enabled, but bandwidth is throttled until old MAC addresses are aged out

考题 单选题When configuring port security on a Cisco Catalyst switch port, what is the default action taken by the switch if a violation occurs? ()A protect (drop packets with unknown source addresses)B restrict (increment SecurityViolation counter)C shut down (access or trunk port)D transition (the access port to a trunking port)

考题 单选题Which of the following should you enable to prevent a switch from forwarding packets with source  addresses that are outside an administratively defined group? ()A  DAIB  STPC  PVLAND  port security

考题 单选题A Company switch was configured as shown below:  switchport mode access  switchport port-security   switchport port-security maximum 2 switchport port-security mac-address 0002.0002.0002   switchport port-security violation shutdown   Given the configuration output shown above,  what happens when a host with the MAC address of  0003.0003.0003 is directly connected to the switch port? ()A  The host will be allowed to connect.B  The port will shut down.C  The host can only connect through a hub/switch where 0002.0002.0002 is already connected.  D  The host will be refused access.E  None of the other alternatives apply

考题 单选题What is the effect of applying the switchport trunk encapsulation dot1q command to a port on a Cisco Catalyst switch?()A By default, native VLAN packets going out this port will be tagged.B Without an encapsulation command, 802.1Q will be the default encapsulation if DTP fails to negotiate a trunking protocol.C The interface will support the reception of tagged and untagged traffic.D If the device connected to this port is not 802.1Q-enabled, it will not be able to handle 802.1Q packets.