Refer to the exhibit.
What three actions will the switch take when a frame with an unknown source MAC address
arrives at the interface? (Select three.)
A.
Send an SNMP trap.
B.
Send a syslog message.
C.
Increment the Security Violation counter.
D.
Forward the traffic.
E.
Write the MAC address to the startup-config.
F.
Shut down the port.
Security Violation counter
SW1#show port-security
Port Max Current Violation Action
—————————–
Fa0/1 2 2 7 Restrict
——————————
SW1(config)#int fa 0/1
SW1(config-if)#shut
SW1(config-if)#no shut
%LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to up
SW1(config-if)#do show port-security
Port Max Current Violation Action
————————————–
Fa0/1 2 2 0 Restrict
————————————–
SW1(config-if)#
The Violation Mode is Restrict. In this mode, when the number of port secure MAC addresses reaches the maximum limit allowed on the port, packets with unknown source addresses are dropped.
You have to remove the secure mac-addresses below the maximum allowed number in order to learn a new MAC or allowing a host on the port. Also a SNMP trap is sent, a syslog message is logged in the syslog server and the violation counter increases.
Traps are network packets that contain data relating to a component of the system sending the trap. SNMP traps are alerts generated by agents on a managed device.
The Violation Mode is Restrict, not the default mode that disable s the port.
SNMP – syslog – count
Usually posts some quite interesting stuff like this. If youre new to this site.