Need Feedback on a Test Question

Hello Everyone,

I wanted to post this question on the Cisco forum because I wanted feedback on what the consensus thought should be the correct answer, as I disagree with the test engine. The test question is as follows...

Given the following configuration on a switch interface, what happens when a host with the MAC address of 0003.0003.0003 is directly connected to the switch port?

    switchport mode access
    switchport port-security
    switchport port-security maximum 2
    switchport port-security mac-address 0002.0002.0002
    switchport port-security violation shutdown

Choices are:

A- The port will shut down.
B- The host will be allowed to connect.
C- The host will be refused access.
D- The host can only connect through a hub/switch where 0002.0002.0002 is already connected.

Regards,

Adil

Reply to
AN

Insufficient information.

Two addresses are configured for the port, so it is not a simple case of shutting down the port as soon as it sees an additional MAC address beyond the one specifically configured.

No MAC aging is configured on the port, and dynamic MAC addresses are not removed by a simple port carrier transition.

We are given that 0003.0003.0003 is directly connected to the switch port; that implies that there are no other currently active hosts on the port that might be interfering with the question.

However, what we are not told is whether any host other than 0003.0003.0003 or 0002.0002.0002 has been connected to the port since the port was last "no shutdown" (e.g., boot time) or errdisable recovery'd or no switchport port-security mac-address'd.

We therefore do not have enough information to answer the question.

- if any MAC other than 0002.0002.0002 or 0003.0003.0003 has been on the port since the last time the entries were cleared, then the port will shut down, answer A.

- if 0002.0002.0002 and/or 0003.0003.0003 are the only MACs presented to the port since the last time the entries were cleared, then the port will permit the packet, answer B.

Reply to
Walter Roberson
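The two cases in the reply above, replayed in a small model of the port's secure-address table. This is an added example, not Cisco code and not part of the original posts; `SecurePort`, `outcome` and the MAC 0004.0004.0004 are constructed for illustration. It assumes, as the reply does, that learned entries stay in the table until they are explicitly cleared.

```python
# Simplified model of one switch port's secure-address table (not Cisco code).
# Assumption taken from the reply above: with no aging configured, learned
# entries stay in the table until they are explicitly cleared.

class SecurePort:
    def __init__(self, maximum, static_macs, violation="shutdown"):
        if len(static_macs) > maximum:
            raise ValueError("more static entries than 'maximum' allows")
        self.maximum = maximum
        self.static = set(static_macs)   # switchport port-security mac-address ...
        self.dynamic = set()             # addresses learned from traffic
        self.violation = violation
        self.err_disabled = False

    def frame_from(self, mac):
        """Return what happens to a frame with this source MAC."""
        if self.err_disabled:
            return "dropped (port err-disabled)"
        if mac in self.static or mac in self.dynamic:
            return "forwarded"
        if len(self.static) + len(self.dynamic) < self.maximum:
            self.dynamic.add(mac)        # free slot: learn the address
            return "forwarded (learned)"
        if self.violation == "shutdown":
            self.err_disabled = True
            return "violation: port shut down"
        return "dropped"                 # protect/restrict: drop, port stays up

    def clear_learned(self):
        """Model clearing the learned entries and re-enabling the port."""
        self.dynamic.clear()
        self.err_disabled = False


def quiz_port():
    # The interface configuration from the question.
    return SecurePort(maximum=2, static_macs={"0002.0002.0002"})


def outcome(history, new_mac="0003.0003.0003"):
    """Replay MACs seen earlier (constructed history), then connect new_mac."""
    port = quiz_port()
    for mac in history:
        port.frame_from(mac)
    return port.frame_from(new_mac)


if __name__ == "__main__":
    print(outcome([]))                    # empty table
    print(outcome(["0002.0002.0002"]))    # only the static host seen before
    print(outcome(["0004.0004.0004"]))    # another MAC already holds the free slot
```

With an empty table or only the static host seen, 0003.0003.0003 takes the second slot; once any other address holds that slot, the same frame triggers the shutdown violation.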

Thanks for your feedback. Based on the information given in the question, I assumed that a host with the MAC address of 0003.0003.0003 was the only other host that connected to the port other than the one whose MAC address has been statically configured for the port. So based on this assumption, I chose answer B, the port will permit the packet, but the answer key says that the answer is A, and I don't understand how that could be.

If there is anyone else out there that can shed some light on why the answer key says that answer A is correct (who knows, it could be a mistake), please feel free to provide your feedback.

Thanks,

Adil

Reply to
AN

You are right. Answer B is correct. The host will be allowed to connect because of this statement: switchport port-security maximum 2. If it was set to one, then it would shut down, but since it is set to 2, it will allow the host to connect. After a third host tries to connect, then it will shut down. Hope this helps; this question is guaranteed to be on your switching exam.

Reply to
ttrotter01


Thanks so much. By the way, I passed my advanced switching exam!!

Reply to
AN

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.