Configuring Port Security on a Switch: Important Considerations

Port Security Configuration

Question

A network administrator needs to configure port security on a switch. Which two statements are true? (Choose two.)

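Answers

A. The network administrator can apply port security to dynamic access ports.
B. The network administrator can apply port security to EtherChannels.
C. The sticky learning feature allows the addition of dynamically learned addresses to the running configuration.
D. When dynamic MAC address learning is enabled on an interface, the switch can learn new addresses, up to the maximum defined.
E. The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN.

Correct answer: CD

Explanations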

Port security is a technique used to restrict unauthorized access to the switch ports by limiting the number of MAC addresses that are allowed to connect to a port. This technique can be used to prevent MAC flooding attacks and other security threats.

To configure port security on a switch, the following two statements are true:

A. The network administrator can apply port security to dynamic access ports: Dynamic access ports are ports that are used to connect end-user devices such as desktops, laptops, and printers. The network administrator can apply port security to these ports to limit the number of MAC addresses that are allowed to connect to the port. The administrator can configure the maximum number of MAC addresses allowed on the port, and the action to be taken if the limit is exceeded (e.g., shut down the port or restrict access).

B. The network administrator can apply port security to EtherChannels: EtherChannels are logical links that are formed by aggregating multiple physical links between two switches. The network administrator can apply port security to these links to limit the number of MAC addresses that are allowed to connect to the link. The administrator can configure the maximum number of MAC addresses allowed on the link, and the action to be taken if the limit is exceeded.

C. The sticky learning feature allows the addition of dynamically learned addresses to the running configuration: The sticky learning feature allows the switch to dynamically learn the MAC addresses of the devices that connect to the port and add them to the running configuration. This feature can be used to simplify the configuration process and ensure that only authorized devices are allowed to connect to the port.

D. When dynamic MAC address learning is enabled on an interface, the switch can learn new addresses, up to the maximum defined: When dynamic MAC address learning is enabled on a port, the switch can learn new MAC addresses up to the maximum defined by the administrator. If the maximum number of MAC addresses is exceeded, the switch can take action based on the configuration (e.g., shut down the port or restrict access).

E. The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN: The network administrator can configure static secure or sticky secure MAC addresses in the voice VLAN. This feature can be used to ensure that only authorized devices (such as IP phones) are allowed to connect to the voice VLAN. The administrator can configure the maximum number of MAC addresses allowed on the port, and the action to be taken if the limit is exceeded.
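The behaviour described in C and D, shown as a Cisco IOS configuration. This is an added example, not part of the original question; the interface name, VLAN number and address limit are assumptions chosen for illustration.

```cisco
! Constructed example: GigabitEthernet0/1, VLAN 10 and a limit of 2 are assumed values.
configure terminal
interface GigabitEthernet0/1
 description user access port (assumed)
 switchport mode access
 switchport access vlan 10
 ! Turn port security on for this port
 switchport port-security
 ! Statement D: the switch learns new addresses only up to this maximum
 switchport port-security maximum 2
 ! Statement C: dynamically learned addresses are added to the
 ! running configuration as sticky secure entries
 switchport port-security mac-address sticky
 ! Action when the maximum is exceeded: protect | restrict | shutdown
 ! restrict drops the offending frames, counts the violation and logs it;
 ! shutdown (the default) places the port in err-disabled state
 switchport port-security violation restrict
end
!
! Check the learned addresses, the configured maximum and the violation counter
show port-security interface GigabitEthernet0/1
show port-security address
! Sticky entries appear here as
! "switchport port-security mac-address sticky <mac>" lines
show running-config interface GigabitEthernet0/1
!
! Sticky entries exist only in the running configuration until saved;
! without this step they are lost on reload and relearned from scratch
copy running-config startup-config
```

After a reload, only sticky addresses that were saved to the startup configuration are retained, so review the learned entries before saving them.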