Cisco Certified Network Associate (CCNA) Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the Cisco Certified Network Associate (CCNA) Practice Exam. Test your knowledge with our interactive quizzes featuring multiple choice questions, hints, and explanations. Equip yourself for success!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

What does the command (config)#switchport port-security violation protect do?

  1. Blocks offending MAC address permanently

  2. Allows traffic to continue but drops packets from offending addresses

  3. Shuts down the port if a violation is detected

  4. Logs the violation and allows the port to function normally

The correct answer is: Allows traffic to continue but drops packets from offending addresses

The command (config)#switchport port-security violation protect is used to configure port security on a switch port. When you set the violation mode to "protect," it allows the port to continue functioning and forwarding traffic while it drops packets from any MAC addresses that exceed the allowed limit. This means that legitimate traffic from other devices is not affected, but any traffic from addresses that are considered violations is simply discarded. This approach is beneficial because it helps maintain network stability by ensuring that the port remains operational, even in the event of a security violation. The switch does not shut down the port or block the offending MAC address permanently; it only drops the packets for those unauthorized addresses. In contrast, other modes like shutdown would lose all port functionality and logging might still occur, but the "protect" mode notably keeps the port active while managing potential security breaches.

More Questions Like This