Home > CCNA – Security Questions

CCNA – Security Questions

March 23rd, 2015 Go to comments

Question 1

Explanation

We only enable PortFast feature on access ports (ports connected to end stations). But if someone does not know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being transmitted and received on these ports.

With BPDU Guard, when a PortFast receives a BPDU, it will be shut down to prevent a loop -> D is correct.

Question 2

Explanation

We can verify whether port security has been configured by using the “show running-config” or “show port-security interface ” for more detail. An example of the output of “show port-security interface ” command is shown below:

show_port-security_interface.jpg

Question 3

Explanation

The full syntax of the second command is:

switchport port-security mac-address sticky [MAC]

If we don’t specify the MAC address (like in this question) then the switch will dynamically learn the attached MAC Address and place it into your running-configuration -> B is correct.

Question 4

Explanation

Please read the explanation at http://www.9tut.net/icnd2/icnd2-operations

Question 5

Explanation

Port security is only used on access port (which connects to hosts) so we need to set that port to “access” mode, then we need to specify the maximum number of hosts which are allowed to connect to this port -> C is correct.

Note: If we want to allow a fixed MAC address to connect, use the “switchport port-security mac-address ” command.

Question 6

Explanation

As we see in the output, the “Port Security” is in “Disabled” state (line 2 in the output). To enable Port security feature, we must enable it on that interface first with the command:

SwitchA(config-if)#switchport port-security

-> B is correct.

Also from the output, we learn that the switch is allowing 2 devices to connect to it (switchport port-security maximum 2) but the question requires allowing only PC_A to access the network so we need to reduce the maximum number to 1 -> D is correct.

Question 7

Explanation

Follow these guidelines when configuring port security:
+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports. -> A is not correct.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group. -> D is not correct
+ You cannot configure static secure or sticky secure MAC addresses on a voice VLAN. -> B is not correct.
+ When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.
+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses.
+ The protect and restrict options cannot be simultaneously enabled on an interface.

(Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swtrafc.html#wp1038546)

Note: Dynamic access port or Dynamic port VLAN membership must be connected to an end station. This type of port can be configured with the “switchport access vlan dynamic” command in the interface configuration mode. Please read more about Dynamic access port here: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swvlan.html#wp1103064

Question 8

Explanation

One of the most widely deployed network security technologies today is IPsec over VPNs. It provides high levels of security through encryption and authentication, protecting data from unauthorized access.

Comments (40) Comments
Comment pages
1 7 8 9 1768
  1. pratheesh.kamal@gmail.com
    December 17th, 2016

    Can anybody sent me the ccna security(210-260) new dumps.I will share which iam having

  2. Sang
    December 21st, 2016

    Could anybody share CCNA security latest dump . @ {email not allowed}

  3. Anonymous
    December 21st, 2016

    Latest and greatest NA-SEC 210-260 please to… Ambition_17 at yahoo dot com

  4. anonymous
    December 22nd, 2016

    I thought I had the latest dumps however when I did the exam yesterday there were loads of new questions, if you want me to check your dumps to see if they contain the latest questions email me at tahakhan1981 at outlook dot com

  5. M.K
    December 23rd, 2016

    Hello,
    Can anyone send me the latest dump for CCNA security 210-260?
    {email not allowed}

  6. kamalmalhi71@gmail.com
    December 23rd, 2016

    Hello,
    Can anyone send me the latest dump for CCNA security 210-260 plz?
    kamalmalhi71 at gmail

  7. Anonymous
    December 23rd, 2016

    I gave Sec exam 3 days ago. A number of questions were new. I had 3-4 dump files from different websites but these new questions were nowhere. Even a number of questions that were from from dumps had choose 2 correct options in the exam whereas in the dumps they had only 1 answer. To pass the exam, you will for sure need to do these extra questions that are out of dumps. If anyone has the latest dumps after december 15 this year, please email kamalmalhi71 at gmail dot com.
    Thank you

  8. Great
    December 24th, 2016

    Good day Every one,
    Complement of the season, it is nice been in this chat room once again
    Can any one please tell me what is happening, it has been a while I wrote an Exam, but checking exam collection website today to get dumps for CCNA Security 640-554 or 640-553 i could not even see cisco as one of the vendor any longer. It seems cisco dumps is no longer in http://www.examcollection.com ?

    Please where else can we get latest Cisco dumps ?

    Please do any one have the latest dump on CCNA Security 640-554 or 553 ?

  9. Nick
    December 28th, 2016

    Would appreciate if anyone share acs download link.

  10. Anonymous
    December 28th, 2016

    ccna security is now 210-260 not CCNA Security 640-554 or 553 ?

  11. Anki
    December 29th, 2016

    Hello!

    I’m training CCNA Security 2 at Netacad.com. During the course we will do 11 chapter exams and then Final exam.

    I just wonder, is that Final exam different from 210-260 exam? Do I have to do the 210-260 exam later, if I want to have the certificate?

    Thanks!

  12. Sajjad
    December 30th, 2016

    Hi to All,
    Hope you all doing well !
    I am preparing for CCNA Security Exam, Can someone give me dump for CCNA Secuirty (210-260) please, if anybody has plz send ti to my email sajjad.anwer 2 @ gmail .com ,

    Thanks & Reagrds
    Sajjad

  13. fx
    December 31st, 2016

    Please i need current dumps for CCNA 210-260 as i am writing next week

    efosaogbomo @gmail .com

    Thank you

  14. Khelo
    December 31st, 2016

    Please send me last 210-260 dump
    Khaledhussam @ hotmail . com

  15. khalilo
    January 1st, 2017

    Hello,

    Hello,

    Can anyone send me the latest dump for CCNA security 210-260?

    Thanks,

    Khalil.adonis @ Hotmail.fr

  16. Xestofan
    January 2nd, 2017

    Hi All,

    Please share the latest CCNA Security 210-260 dump (pdf please).
    xestofan at gmail dot com

  17. C10max
    January 3rd, 2017

    I have to give 210-260 next week. Please send me the latest dumps if available.
    chm130430 @ gmail com

    Thanks.

  18. boldboy67
    January 3rd, 2017

    Can anyone send me latest ccna security dumps too?
    bold boy 67 @ hotmail com

  19. Castigers
    January 3rd, 2017

    I have the exam in a few weeks and would appreciate the new dump please to see what questions are different. johnmortimer22 @ gmail com
    Thanks

  20. PoserJack
    January 5th, 2017

    I too would like the new dump for 210-260. theviv69 @ hotmail .com

  21. Coldplay
    January 9th, 2017

    if anybody want questions for 210-260 security let me know by commenting on this

  22. Tdot
    January 9th, 2017

    Hi Coldplay, I am interested in the questions if you have them.
    Email: {email not allowed}

  23. Tdot
    January 9th, 2017

    mplssucks @ gmail.com

  24. Anonymous
    January 9th, 2017

    Hello guys, please i need latest dump for ccna security 210-260

  25. tammy_2020@hotmail.com
    January 9th, 2017

    please send me ccna security dump 210-260

  26. Anonymous
    January 9th, 2017

    Please send ccna security 210-260 dump
    sdearious @ gmail.com

  27. Roni
    January 9th, 2017

    Hi
    Can anyone send me the latest dump for CCNA security 210-260 plz

    Roni555 @ gmail.com

    thx

  28. c10max
    January 10th, 2017

    Hi Coldplay,
    can you please send me 210-260 questions on chm130430 @ gmail . com
    thanks.

  29. Anonymous
    January 10th, 2017

    Please can anyone email me the latest dump for CCNA security 210-260?? thx!

    robpee70 @ yahoo com

  30. edoego
    January 10th, 2017

    Hello Coldplay,
    Will much appreciate if you send me security questions.
    edoego87 at gmail.com

    Thanks very much

  31. Anonymous
    January 13th, 2017

    Hi all could you please share ccna security 210-260 last dump updates ? please , send me {email not allowed} thanks all

  32. greenlowjack.devil@gmail.com
    January 15th, 2017

    Hi everyone,

    Can anyone send me CCNA security 210-260 last dump if you have please, I am writing the exam in 3 days. greenlowjack.devil @gmail . com

  33. max
    January 15th, 2017

    hi guyS, can you please share with me your 210-260 dumps. kindly send it to my email. maximino.lachica @ gmai.com. thank you in advance

  34. Tdot
    January 15th, 2017

    Did anyone get a response from coldplay?

  35. FURY
    January 15th, 2017

    good days guys.. please share any latest dumps for ccna security exam. thank you. {email not allowed}

  36. badstartdivineending@gmail.com
    January 15th, 2017

    please share.ty

  37. tecguy
    January 16th, 2017

    Hi guys,

    Can anyone send me a ccna sec. dump to administrator @itconsult-tz .com

    Thanks,

  38. ansar javaid
    January 16th, 2017

    Hi there please send me dumps of ccna security on this email
    {email not allowed}

  39. ansar javaid
    January 16th, 2017

    Hi there please send me dumps of ccna security on this email
    ({email not allowed})

Comment pages
1 7 8 9 1768