PrepAway - Latest Free Exam Questions & Answers

Which Cisco IOS command is used on a Catalyst 2950 seri…

Which Cisco IOS command is used on a Catalyst 2950 series switch to verify the port security configuration of a switch port?

PrepAway - Latest Free Exam Questions & Answers

A.
show interfaces port-security

B.
show port-securityinterface

C.
show ip interface

D.
show interfaces switchport

Explanation:
The show port-security interface command displays the current port security and status of a switch port, as in this sample output:
Switch# show port-security interfacefastethernet0/1
Port Security: Enabled
Port status: SecureUp
Violation mode: Shutdown
Maximum MAC Addresses: 2
Total MAC Addresses: 2
Configured MAC Addresses: 2
Aging Time: 30 mins
Aging Type: Inactivity
SecureStatic address aging: Enabled
Security Violation count: 0
The sample output indicates that port security has been enabled on interface FastEthernet0/1, and that a maximum of two MAC addresses have been configured. A
violation policy of Shutdown indicates that if a third MAC address attempts to makea connection, the switch port will be disabled.
The violation mode setting has three possible values that take the following actions when a violation occurs:
– protect Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value.
– restrict Drops packets with unknown source addresses until you remove a sufficient number of secure MAC addresses to drop below the maximum value and
causes the SecurityViolation counter to increment. It will send a Syslog message and an SNMP trap as well.
– shutdown Puts the interface into the error-disabled state immediately and sends an SNMP trap notification
The show ip interface command is incorrect because it displays protocol-related information about an interface, and nothing pertaining to switch port security.
The show interfaces switchport command is incorrect because it displays non-security related switch port information, such as administrative and operational status
and trunking.
The show interfaces port-security command is incorrect because this is not a valid Cisco command.
Objective:
LAN Switching Fundamentals
Sub-Objective:
Configure, verify, and troubleshoot port security


Leave a Reply