Are You Smarter than a CCNA – Port Security

Challenge yourself with these questions about Port Security. These questions are from my text – CCNA Routing and Switching 200-125 Exam Cram (5th Edition)

1. If you issue the single switchport port-security command, name the
resulting port-security mode, violation action, and maximum number of
MAC addresses permitted.
_________

2. What form of port security combines aspects of dynamic learning with
static learning?
_________

3. What command allows you to verify the port-security settings of the Gi0/1
interface?
_________

4. What command typically precedes the switchport port-security command?
A. switchport port-security enable
B. switchport mode access
C. switchport mode secure
D. switchport data enable

5. What violation mode does Cisco not recommend?
A. Restrict
B. Shutdown
C. Error
D. Protect

6. What are two options for recovering from an error-disabled port due to port
security? (Choose two.)
A. Port Security Auto Recovery
B. errdisable recovery
C. Manual recovery
D. Port Security Disable

Answers:

1. The mode is dynamic port security, the violation action is Shutdown, and the maximum number of MAC addresses is 1.

2. Sticky learning.

3. show port-security interface gi0/1

4. B is correct. The switchport mode access command typically must precede switchport port-security because the port cannot be dynamic.

5. D is correct. Cisco does not recommend the Protect mode because it does not alert the administrator of any violation.

6. B and C are correct. You can have automatic recovery with errdisable recovery, or you can manually recover from the situation.

Are You Smarter Than a CCENT? Transport Layer

Here is a query from a current project – enjoy!

  1. You are examining a packet capture from your local network. What two determinations can you make from this output? (Choose 2)

a. This is a UDP packet
b. This is a TCP packet
c. The target destination is FTP
d. The target destination is HTTP

Correct Answer: b, d

Explanation: Due to its use of reliable transmissions, Transmission Control Protocol (TCP) uses many fields in its packet structure. These include:

  • source TCP port number
  • destination TCP port number
  • sequence number
  • acknowledgement number
  • TCP data offset
  • reserved data
  • control flags
  • window size
  • TCP checksum
  • urgent pointer
  • TCP optional data

In contrast, the unreliable User Datagram Protocol (UDP) packets feature these simple fields:

  • source port number
  • destination port number
  • length
  • checksum

From the destination TCP port number of 80 shown here, you can determine that the intended target service is the Hypertext Transfer Protocol (HTTP). Know the following common ports for this exam:

Port Number    TCP or UDP    Protocol
20             TCP           FTP Data
21             TCP           FTP Control
22             TCP           SSH
23             TCP           Telnet
25             TCP           SMTP
53             UDP           DNS
67, 68         UDP           DHCP
69             UDP           TFTP
80             TCP           HTTP
110            TCP           POP3
161            UDP           SNMP
443            TCP           SSL/TLS
514            UDP           Syslog
520            UDP           RIP
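
The reasoning in the explanation above, as an added example (not from the original post or the Exam Cram text): a Python function that reads the IPv4 protocol byte, decodes the TCP or UDP header fields listed above from raw bytes, and maps the destination port to a service from the table. The packets are constructed samples, not the capture from the question; `classify`, `build_ipv4` and the 192.0.2.x addresses are illustrative assumptions.

```python
import struct

# Subset of the port table above: (transport, destination port) -> service.
WELL_KNOWN = {
    ("TCP", 21): "FTP Control", ("TCP", 22): "SSH", ("TCP", 23): "Telnet",
    ("TCP", 80): "HTTP", ("UDP", 53): "DNS", ("UDP", 69): "TFTP",
    ("UDP", 161): "SNMP", ("UDP", 514): "Syslog",
}
FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]  # bit 0 upward

def classify(packet: bytes) -> dict:
    """Decode the transport header of a raw IPv4 packet (no link-layer header)."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4   # IPv4 header length in bytes (options included)
    proto = packet[9]              # IP protocol number: 6 = TCP, 17 = UDP
    seg = packet[ihl:]
    if proto == 6 and len(seg) >= 20:
        sport, dport, seq, ack, off_flags, window, _csum, _urg = struct.unpack(
            "!HHIIHHHH", seg[:20])
        info = {"transport": "TCP", "src_port": sport, "dst_port": dport,
                "seq": seq, "ack": ack, "data_offset": (off_flags >> 12) * 4,
                "flags": [n for i, n in enumerate(FLAG_NAMES) if off_flags & (1 << i)],
                "window": window}
    elif proto == 17 and len(seg) >= 8:
        sport, dport, length, _csum = struct.unpack("!HHHH", seg[:8])
        info = {"transport": "UDP", "src_port": sport, "dst_port": dport,
                "length": length}
    else:
        raise ValueError(f"unsupported or truncated segment (IP protocol {proto})")
    info["service"] = WELL_KNOWN.get((info["transport"], info["dst_port"]), "unknown")
    return info

def build_ipv4(proto: int, payload: bytes) -> bytes:
    """Constructed sample: minimal 20-byte IPv4 header (checksum left 0) + payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]))
    return hdr + payload

# Constructed sample packets: a TCP SYN to port 80 and an empty UDP datagram to port 53.
TCP_SYN = build_ipv4(6, struct.pack("!HHIIHHHH", 49152, 80, 1000, 0, (5 << 12) | 0x02, 65535, 0, 0))
UDP_DNS = build_ipv4(17, struct.pack("!HHHH", 49153, 53, 8, 0))

if __name__ == "__main__":
    for pkt in (TCP_SYN, UDP_DNS):
        print(classify(pkt))
```

A destination port only indicates the intended service by convention; a service can listen on any port, so treat the mapping as a first guess when reading a capture.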