Which of these correctly describes the results of port security violation of an unknown packet?

Refer to the exhibit.

Which of these correctly describes the results of port security violation of an unknown packet?

Refer to the exhibit.

Which of these correctly describes the results of port security violation of an unknown packet?

A.
port enabled; unknown packets dropped; no SNMP or syslog messages

B.
port enabled; unknown packets dropped; SNMP or syslog messages

C.
port disabled; no SNMP or syslog messages

D.
port disabled; SNMP or syslog messages



Leave a Reply 2

Your email address will not be published. Required fields are marked *


may

may

The default violation mode is shutdown, which will shutdown the port when the maximum number of secure MAC addresses is exceeded. It also sends an SNMP trap, logs a syslog message, and increments the violation counter

Mace

Mace

The default violation mode is shutdown, which will shutdown the port when the maximum number of secure MAC addresses is exceeded. It also sends an SNMP trap, logs a syslog message, and increments the violation counter.

The three violation modes are listed below:

+protect – When the number of secure MAC addresses reaches the limit allowed on the port, packets with unknown source addresses are dropped until you remove a sufficient number of secure MAC addresses or increase the number of maximum allowable addresses. You are not notified that a security violation has occurred.

+restrict – When the number of secure MAC addresses reaches the limit allowed on the port, packets with unknown source addresses are dropped until you remove a sufficient number of secure MAC addresses or increase the number of maximum allowable addresses. In this mode, you are notified that a security violation has occurred. Specifically, an SNMP trap is sent, a syslog message is logged, and the violation counter increments.

+shutdown – In this mode, a port security violation causes the interface to immediately become error-disabled, and turns off the port LED. It also sends an SNMP trap, logs a syslog message, and increments the violation counter. When a secure port is in the error-disabled state, you can bring it out of this state by entering the errdisable recovery cause psecure-violation global configuration command, or you can manually re-enable it by entering the shutdown and no shutdown interface configuration commands. This is the default mod