What will be the effect of executing the following command on port F0/1?
switch(config-if)# switchport port-security mac-address 00C0.35F0.8301
A.
The command statically defines the MAC address of 00c0.35F0.8301 as an allowed host on the switch port.
B.
The command expressly prohibits the MAC address of 00c0.35F0.8301 as an allowed host on the switch
port.
C.
The command configures an inbound access control list on port F0/1 limiting traffic to the IP address of the
host.
D.
The command encrypts all traffic on the port from the MAC address of 00c0.35F0.8301.
Explanation:
The command statically defines the MAC address of 00c0.35F0.8301 as an allowed host on the switch port. By
default, an unlimited number of MAC addresses can be learned on a single switch port, whether it is configured
as an access port or a trunk port. Switch ports can be secured by defining one or more specific MAC addresses
that should be allowed to connect, and violation policies (such as disabling the port) if additional hosts try to
gain a connection.
The switchport port-security mac-address 00C0.35F0.8301 command statically defines the MAC address of
00c0.35F0.8301 as an allowed host on the switch port.
The switchport port-security mac-address 00C0.35F0.8301 command does not expressly prohibit the MAC
address of 00c0.35F0.8301 as an allowed host on the switch port. The port-security command is designed toidentify allowed MAC addresses not prohibited addresses.
The switchport port-security mac-address 00C0.35F0.8301 command does not configure an inbound access
control list on port F0/1 limiting traffic to the IP address of the host. It will accept traffic to the port, but will only
allow a device with that MAC address to be connected to the port.
The switchport port-security mac-address 00C0.35F0.8301 command does not encrypt all traffic on the port
from the MAC address of 00c0.35F0.8301. The port-security command has nothing to do with encryption.
Objective:
Infrastructure Security
Sub-Objective:
Configure, verify, and troubleshoot port securityCisco > Catalyst 6500 Release 12.2SXH and Later Software Configuration Guide > Configuring Port Security >
Enabling Port Security
Cisco > Support > Cisco IOS Security Command Reference: Commands S to Z > switchport port-security macaddress