Cisco Switch Port Security Configuration | Exam 200-125 Answer

Cisco Switch Port Security Configuration

Prev Question Next Question


What will be the result if the following configuration commands are implemented on a Cisco switch?

Switch(config-if)# switchport port-security

Switch(config-if)# switchport port-security mac-address sticky



Click on the arrows to vote for the correct answer

A. B. C. D. E.


The two commands mentioned in the question configure port security on a Cisco switch interface and are used to restrict the number of devices that can access a particular port.

The first command, switchport port-security, enables port security on the interface, while the second command, switchport port-security mac-address sticky, enables sticky learning of the MAC address. Sticky MAC address learning means that the switchport will dynamically learn the MAC address of the device connected to the port and then configure the port to only allow that MAC address to access the port in the future.

Answer B is correct. When a MAC address is dynamically learned by the switch through the switchport port-security mac-address sticky command, it is saved in the running-configuration file, which is the active configuration of the switch. This is because sticky learning is a dynamic process and the switch needs to keep track of the learned MAC addresses in real-time.

Answer A is incorrect because dynamically learned MAC addresses are not saved in the startup-configuration file. The startup-configuration file is used to store the configuration that the switch uses when it is powered on, and it does not change unless the administrator makes changes to the configuration and saves it.

Answer C is also incorrect because the VLAN database is not used to store dynamically learned MAC addresses. The VLAN database is used to store information about VLANs and their associated ports, not MAC addresses.

Answer D is incorrect because the switchport port-security mac-address sticky command enables dynamic learning of MAC addresses, not static configuration of MAC addresses.

Answer E is incorrect because, as mentioned earlier, sticky MAC address learning is a dynamic process and the learned MAC addresses are saved in the running-configuration file, not the startup-configuration file.