Which SAN security mechanism will prevent a switch port from being enabled even after a switch
reboot?

A.
Persistent Port Disable

B.
Port Binding

C.
Port Lockdown

D.
Persistent Switch Disable

Explanation:
Securing FC Switch Ports
Apart from zoning and LUN masking, additional security mechanisms, such as port binding, port
lockdown, port lockout, and persistent port disable, can be implemented on switch ports.
Port binding: Limits the devices that can attach to a particular switch port and allows only the
corresponding switch port to connect to a node for fabric access. Port binding mitigates but does
not eliminate WWPN spoofing.
Port lockdown and port lockout: Restrict a switch port’s type of initialization. Typical variants of port
lockout ensure that the switch port cannot function as an E-Port and cannot be used to create an
ISL, such as a rogue switch. Some variants ensure that the port role is restricted to only F-Port, EPort, or a combination of these.
Persistent port disable: Prevents a switch port from being enabled even after a switch reboot.
EMC E10-001 Student Resource Guide
Module 14: Securing the Storage Infrastructure