You manage a Layer 2 network that spans two buildings. You are asked to ensure that all traffic that traverses
this connection between the two buildings is secured.
Which port security feature should be used to secure this Layer 2 traffic?
A.
IP source guard
B.
MACsec
C.
DHCP snooping
D.
dynamic ARP inspection
Answer B does not look correct.
1
0
MACsec provides industry-standard security through the use of secured point-to-point Ethernet links. The point-to-point links are secured after matching security keys—a user-configured pre-shared key when you enable MACsec using static connectivity association key (CAK) security mode, a user-configured static secure association key when you enable MACsec using static secure association key (SAK) security mode, or a dynamic key included as part of the AAA handshake with the RADIUS server when you enable MACsec using dynamic security mode—are exchanged and verified between the interfaces at each end of the point-to-point Ethernet link. Other user-configurable parameters, such as MAC address or port, must also match on the interfaces on each side of the link to enable MACsec
correct B
3
0