Cisco Certified Network Associate (CCNA) Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the Cisco Certified Network Associate (CCNA) Practice Exam. Test your knowledge with our interactive quizzes featuring multiple choice questions, hints, and explanations. Equip yourself for success!

Start Multiple Choice Practice Test
Start Flash Cards

Practice this question and more.

Which port security violation mode allows traffic until a violation occurs?

  1. Shutdown

  2. Protect

  3. Restrict

  4. Disable

The correct answer is: Restrict

The correct choice is based on how the different port security violation modes manage traffic when a violation occurs. The "Restrict" mode allows legitimate traffic to pass through until a security violation is detected. This means that as long as no violations are occurring, the port will accept and forward traffic. However, once a violation happens—such as an unauthorized MAC address being detected—the action taken is to log the event and restrict the offending traffic, forcing it to be dropped, while still allowing legitimate traffic to flow. The other modes function differently. The "Shutdown" mode immediately puts the port into an error-disabled state without allowing any traffic, while "Protect" mode prevents unauthorized MAC addresses from sending frames but does not log the violation. "Disable" is not a recognized port security mode and suggests a general inactivity that doesn’t apply to port security functionalities.

More Questions Like This