A network administrator needs to configure port security on a switch. Which two statements are
true? (Choose two.)
A.
The network administrator can apply port security to dynamic access ports.
B.
When dynamic MAC address learning is enabled on an interface, the switch can learn new
addresses, up to the maximum defined.
C.
The sticky learning feature allows the addition of dynamically learned addresses to the running
configuration.
D.
The network administrator can configure static secure or sticky secure MAC addresses in the
voice VLAN.
E.
The network administrator can apply port security to EtherChannels.
+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group.
+ You cannot configure static secure or sticky secure MAC addresses on a voice VLAN.
+ When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.
+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses.
+ The protect and restrict options cannot be simultaneously enabled on an interface.
0
0
When you enable port security on an interface, you enable the dynamic learning method, and the device secures MAC addresses as inbound traffic passes through the interface.
If the address is not yet secured and the device has not reached any applicable maximum, it secures the address and allows the traffic.
Dynamic addresses are aged and dropped once the age limit is reached.
Dynamic addresses do not persist through restarts.
0
0
We only enable PortFast feature on access ports (ports connected to end stations).
But if someone does not know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being transmitted and received on these ports.
0
0
Dynamic address (Mac), not dynamic ports
0
0