You are implementing basic switch security best practices.
Which of these is a tactic that you can use to mitigate compromises from being launched through the switch?()
A.Make all ports private VLAN ports.
B.Place all unused ports in native VLAN 1 until needed.
C.Proactively configure unused switch ports as access ports.
D.Disable Cisco Discovery Protocol globally.
您可能感興趣的試卷
你可能感興趣的試題
Three Cisco Catalyst switches have been configured with a first-hop redundancy protocol. While reviewing some show commands, debug output, and the syslog, you discover the following information:
What conclusion can you infer from this information?()
A.VRRP is initializing and operating correctly.
B.HSRP is not properly exchanging three hello messages.
C.VRRP is not properly exchanging three hello messages.
D.HSRP is initializing and operating correctly.
E.GLBP is not properly exchanging three hello messages.
F.GLBP is initializing and operating correctly.
You work as a network engineer for . You study the exhibit carefully. Three switches are configured for HSRP. Switch1 remains in the HSRP listen state.
What is the most likely cause of this status?()
A.this is normal operation
B.IP addressing is incorrect
C.standby group number does not match VLAN number
D.incorrect standby timers
E.incorrect priority commands
hostname Switch1
interface Vlan10
ip address 172.16.10.32 255.255.255.0
no ip redirects
standby 1 ip 172.16.10.110
standby 1 timers 1 5
standby 1 priority 130
hostname Switch2
interface Vlan10
ip address 172.16.10.33 255.255.255.0
no ip redirects
standby 1 ip 172.16.10.110
standby 1 timers 1 5
standby 1 priority 120
HSRP was implemented and configured on two switches while scheduled network maintenance was performed.
After the two switches have finished rebooting, you notice via show commands that Switch2 is the HSRP active router.
Which two items are most likely the cause of Switch1 not becoming the active router? ()
A.premption is disabled
B.standby group number does not match VLAN number
C.IP addressing is incorrect
D.IP redirect is disabled
E.incorrect standby timers
F.booting delays
You work as a network engineer for . You study the exhibit carefully. From the configuration shown,
what can be determined?()
Exhibit:
A.The remaining secure MAC addresses will be dynamically learned, converted to sticky secure MAC addresses, and added to the running configuration.
B.Since a voice VLAN is configured in this example, port security should be set for a maximum of 2.
C.The sticky addresses will only be those manually configured MAC addresses enabled with the sticky keyword.
D.A security violation will restrict the number of addresses to a maximum of 10 addresses per access VLAN and voice VLAN. The port will be shut down if more than 10 devices per VLAN attempt to access the port.
When you enable port security on an interface that is also configured with a voice VLAN,
what is the maximum number of secure MAC addresses that should be set on the port?()
A.No more than one secure MAC address should be set.
B.The default will be set.
C.The IP phone should use a dedicated port, therefore only one MAC address is needed per port.
D.No value is needed if the switchport priority extend command is configured.
E.No more than two secure MAC addresses should be set.
最新試題
What two things will occur when an edge port receives a BPDU?()
Refer to the exhibit. What will happen when one more user is connected to interface FastEthernet 5/1? ()
Refer to the exhibit. LACP has been configured on Switch1 as shown. Which is the correct command set to configure LACP on Switch2?()
Refer to the exhibit. Initially, LinkA is connected and forwarding traffic. A new LinkB is then attached between SwitchA and HubA. Which two statements are true about the possible result of attaching the second link?()
Which statement is correct about RSTP port roles?()
Which two statements about the various implementations of STP are true?()
Which statement is correct about the use of the virtual interface on a WLC ?()
During routine maintenance, G1/0/1 on DS1 was shutdown. All other interface were up. DS2 became the active HSRP device for Vlan101 as desired. However, after G1/0/1 on DS1 was reactivated. DS1 did not become the active HSRP device as desired. What need to be done to make the group for Vlan101 function properly ? ()
DS2 has not become the active device for Vlan103’s HSRP group even though all interfaces are active. As related to Vlan103’s HSRP group. What can be done to make the group function properly ? ()
Refer to the exhibit. What does the command channel-group 1 mode desirable do? ()