Refer to the exhibit.

What happens when one more user is connected to interface FastEthernet 5/1?

A.
All secure addresses age out and are removed from the secure address list. The security
violation counter increments.

B.
The first address learned on the port is removed from the secure address list and is
replaced with the new address.

C.
The interface is placed into the error-disabled state immediately, and an SNMP trap
notification is sent.

D.
The packets with the new source addresses are dropped until a sufficient number of
secure MAC addresses are removed from the secure address list.

Explanation:
You can configure the interface for one of these violation modes, based on the action to be
taken if a
violation occurs:
+ Restrict—A port security violation restricts data, causes the SecurityViolation counter to
increment,
and causes an SNMP Notification to be generated. The rate at which SNMP traps are
generated can be
controlled by the snmp-server enable traps port-security trap-rate command. The default
value (“0”)
causes an SNMP trap to be generated for every security violation.
+ Shutdown—A port security violation causes the interface to shut down immediately. When
a secure
port is in the error-disabled state, you can bring it out of this state by entering the errdisable
recovery cause psecure_violation global configuration command or you can manually
reenable it
by entering the shutdown and no shut down interface configuration commands. This is the default mode.
In this case, shutdown mode is used.
Reference:

http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/19ew/configuration/guide/port_sec.pdf