Home > CCNA – Security Questions

CCNA – Security Questions

March 23rd, 2015 Go to comments

Question 1

Explanation

We only enable PortFast feature on access ports (ports connected to end stations). But if someone does not know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being transmitted and received on these ports.

With BPDU Guard, when a PortFast receives a BPDU, it will be shut down to prevent a loop -> D is correct.

Question 2

Explanation

We can verify whether port security has been configured by using the “show running-config” or “show port-security interface ” for more detail. An example of the output of “show port-security interface ” command is shown below:

show_port-security_interface.jpg

Question 3

Explanation

The full syntax of the second command is:

switchport port-security mac-address sticky [MAC]

If we don’t specify the MAC address (like in this question) then the switch will dynamically learn the attached MAC Address and place it into your running-configuration -> B is correct.

Question 4

Explanation

Please read the explanation at http://www.9tut.net/icnd2/icnd2-operations

Question 5

Explanation

Port security is only used on access port (which connects to hosts) so we need to set that port to “access” mode, then we need to specify the maximum number of hosts which are allowed to connect to this port -> C is correct.

Note: If we want to allow a fixed MAC address to connect, use the “switchport port-security mac-address ” command.

Question 6

Explanation

As we see in the output, the “Port Security” is in “Disabled” state (line 2 in the output). To enable Port security feature, we must enable it on that interface first with the command:

SwitchA(config-if)#switchport port-security

-> B is correct.

Also from the output, we learn that the switch is allowing 2 devices to connect to it (switchport port-security maximum 2) but the question requires allowing only PC_A to access the network so we need to reduce the maximum number to 1 -> D is correct.

Question 7

Explanation

Follow these guidelines when configuring port security:
+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports. -> A is not correct.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group. -> D is not correct
+ You cannot configure static secure or sticky secure MAC addresses on a voice VLAN. -> B is not correct.
+ When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.
+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses.
+ The protect and restrict options cannot be simultaneously enabled on an interface.

(Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swtrafc.html#wp1038546)

Note: Dynamic access port or Dynamic port VLAN membership must be connected to an end station. This type of port can be configured with the “switchport access vlan dynamic” command in the interface configuration mode. Please read more about Dynamic access port here: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swvlan.html#wp1103064

Question 8

Explanation

One of the most widely deployed network security technologies today is IPsec over VPNs. It provides high levels of security through encryption and authentication, protecting data from unauthorized access.

Comments (34) Comments
Comment pages
1 11 12 13 1768
  1. lukas
    September 6th, 2017

    Please send me latest CCNA Security 210-260 Dumps on plk.trade.services (at) gmail.com. Thank you so much

  2. Gremlin
    September 6th, 2017

    Anyone use Actual4test ? if so whats your thoughts.

  3. Anonymous
    September 11th, 2017

    some1 plz share CCNA Security exam latest dumps. MAIL TO: {email not allowed}

  4. Solid
    September 17th, 2017

    Please what is the best textbook you guys gonna recommend for the CCNA 210 – 260 security. Please and I also need the latest dumb for the exam. my email. ibtijay at gmail* com. Thanks

  5. Anonymous
    September 20th, 2017

    Can anyone send me the latest 210-260 dumps for CCNA security? “almuig @ g m a i l . c o m”

  6. shankar
    September 21st, 2017

    Please send me latest 210-260 dumps “{email not allowed}”

  7. Marlon
    September 21st, 2017

    Please send me latest CCNA Security 210-260 Dumps.
    {email not allowed}
    thanks

  8. Marlon
    September 21st, 2017

    marlon bicudo1 @ gmail com

  9. Marlon
    September 21st, 2017

    marlon(.)bicudo1 @ gmail(.)com

  10. DON
    October 2nd, 2017

    Can anyone send me the latest 210-260 dumps for CCNA security? {email not allowed}

  11. DON
    October 2nd, 2017

    Can anyone send me the latest 210-260 dumps for CCNA security? donathien.sima(a)gmail

  12. Rob
    October 3rd, 2017

    Taking my test soon and would like some help to verify knowledge infamousrob412() gmail com

  13. tuan
    October 6th, 2017

    please sent to me the new dump of the exam. my email is nguyenmanhtuan1509(at) gmail com

  14. Anonymous
    October 11th, 2017

    Can anyone send me the CCNA Security Dumps to bballsmiles at Gmail. I have an exam next week. Thanks in advance.

  15. Lu
    October 11th, 2017

    Hi Guys,
    Can anyone of you share with me latest 210-260 dumps? Please send them to acidgrempa at gmail dot com Thank you!

  16. Mariam
    October 12th, 2017

    Please send me latest CCNA Security 210-260 Dumps.
    {{email not allowed}}

  17. Mariam
    October 12th, 2017

    Please send me latest CCNA Security 210-260 Dumps.
    Mariam.zaki47(a)gmail

  18. Jolie
    October 13th, 2017

    Please i need the practise Qs for exam you send to me funkejolie (at) gmail com

    CCNA Security 210-260

    Thank you!!!

  19. Art
    October 16th, 2017

    Please somebody send me 210-260 actual dumps
    arthur898989 at gmail
    Thanks in advance.

  20. W
    October 19th, 2017

    Can someone send me
    210-260 actual dumps atlastros at yahoo

  21. tim
    October 19th, 2017

    Can anyone send the latest 210 260 dumps

    timtim91(@)list(.)ru

    just remove ()

    thank you in advance

  22. Mika
    October 23rd, 2017

    Hello Can anyone please send the latest 210 260 dumps

    blueanuart @ g m a i l .c o m

    Thank you :)

  23. Bk
    October 24th, 2017

    Please send me the last dump

    kababakaramoko @ gmail . Com

  24. King
    October 25th, 2017

    Please send me the last dump
    ekiams7 @ gmail . Com

  25. Harshig89
    October 26th, 2017

    Harshig89(at)Gmail(dot)com

    I am willing to pay for latest vce files or dumps for practise. This is not for cheat coding exam but to get first hand experience.

    I can pay for your help. Thank you.

  26. ana
    October 26th, 2017

    please, someone sent me the last dump for the exam 210-260, I need to do this exam in this days, please, this is my email nilana255gmail.com
    thanks

  27. Vester
    October 27th, 2017

    Please send me the latest 210-260 dump on ndonyana01atgmail.com

  28. Prince
    October 27th, 2017

    Please update me with new questions from the exam just to be sure what to expect.Thank you

  29. B_TH
    October 29th, 2017

    Plase shared dump to me
    mail : birdyaha at hotmail [.] com

    thank you

  30. t
    October 30th, 2017

    please can someone send me latest dumps for ccna security 210-260 to mshah122 (at) hotmail (.) com thanks

  31. mos
    October 30th, 2017

    can anyone help me wth the latest dump plzz

  32. John
    October 30th, 2017

    Could someone share update dumps by ccna security 210-260, I will do this exam next week.

    mail: jpsard at gmail [.] com

    regards

    João Paulo

  33. Angola
    October 30th, 2017

    Has anyone taken this exam recently? kindly share your experience; the book you used, dumps validity, issue encountered during the exam, and anything comes to mind that will help future candidates. Thank you.

  34. Anonymous
    November 3rd, 2017

    All the people who is been looking for the dumps go to below site

    http://www.securitytut.com/ccna-security-210-260/share-your-ccna-security-experience-2

Comment pages
1 11 12 13 1768
Add a Comment