25 votes
A network administrator configures the port security feature on a switch. The security policy specifies that each access port should allow up to two MAC addresses. When the maximum number of MAC addresses is reached, a frame with the unknown source MAC address is dropped and a notification is sent to the syslog server. Which security violation mode should be configured for each access port?

warning
protect
shutdown
restrict

by User Max Kielland, 2.5k points

1 Answer

21 votes

Answer:

protect

Step-by-step explanation:

When the "protect" mode is configured, the port security feature on the switch will drop any frames with unknown source MAC addresses and send a notification to the syslog server when the maximum number of allowed MAC addresses is reached. This allows the network administrator to be notified of potential security violations, while still allowing the port to continue functioning and forwarding frames.

The other security violation modes have different behavior:

  • "warning" mode sends a notification to the syslog server but does not drop frames with unknown source MAC addresses.
  • "shutdown" mode disables the port when the maximum number of allowed MAC addresses is reached.
  • "restrict" mode drops all frames with unknown source MAC addresses, but does not send a notification to the syslog server.

by User Ruthven, 3.2k points
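
An added example, not part of the original question or answer: a simplified Python model of the three port-security violation modes as Cisco documents them for IOS (protect, restrict, shutdown), applied to the question's policy of at most two MAC addresses per access port. It assumes the question refers to Cisco IOS; the class, function names, log text and sample frames are constructed for illustration, and aging and sticky learning are ignored.

```python
from dataclasses import dataclass, field

# Simplified model of Cisco IOS port-security violation handling.
# Assumption: learned MACs never age out; sticky learning is not modelled.
MODES = ("protect", "restrict", "shutdown")

@dataclass
class AccessPort:
    mode: str
    maximum: int = 2                          # policy from the question
    secure_macs: list = field(default_factory=list)
    violations: int = 0                       # security violation counter
    syslog: list = field(default_factory=list)
    err_disabled: bool = False

    def receive(self, src_mac: str) -> str:
        """Return 'forward' or 'drop' for a frame with this source MAC."""
        if self.mode not in MODES:
            raise ValueError(f"unknown violation mode: {self.mode}")
        if self.err_disabled:
            return "drop"                     # port stays down until re-enabled
        if src_mac in self.secure_macs:
            return "forward"
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.append(src_mac)  # learn the address dynamically
            return "forward"
        # Violation: the table is full and the source MAC is unknown.
        if self.mode == "protect":
            return "drop"                     # silent: no log, no counter
        self.violations += 1
        self.syslog.append(f"violation by {src_mac}")  # constructed log text
        if self.mode == "shutdown":
            self.err_disabled = True          # port goes err-disabled
        return "drop"

def run(mode: str, frames: list) -> dict:
    """Feed constructed frames to a fresh port and summarise the outcome."""
    port = AccessPort(mode)
    results = [port.receive(m) for m in frames]
    return {"results": results, "violations": port.violations,
            "syslog": len(port.syslog), "err_disabled": port.err_disabled}

# Constructed traffic: two hosts learned, one unknown host, then a known host.
FRAMES = ["aaaa.aaaa.0001", "aaaa.aaaa.0002", "aaaa.aaaa.0003", "aaaa.aaaa.0001"]

if __name__ == "__main__":
    for m in MODES:
        print(m, run(m, FRAMES))
```

On a real switch, `show port-security interface <interface>` reports the configured violation mode and the violation count that this model tracks in `violations`.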