Switchport Violations Flashcards
Shutdown Mode:
Behavior: When a violation occurs, the switch port is immediately put into an error-disabled state.
Purpose: Offers the highest level of security by completely isolating the offending device.
Command: switchport port-security violation shutdown
Restrict Mode:
Behavior: When a violation occurs, the switch port drops frames from the violating device without taking the port offline.
Purpose: Allows network administrators to monitor and investigate potential security breaches without disrupting network connectivity.
Command: switchport port-security violation restrict
Protect Mode:
Behavior: As in Restrict mode, frames from violating devices are dropped, but no violation logs or alerts are generated.
Purpose: Provides basic security by silently dropping frames without any alerting or logging.
Command: switchport port-security violation protect
Shutdown VLAN Mode:
Behavior: When a violation occurs, the entire VLAN associated with the violating port is put into an error-disabled state.
Purpose: Isolates not only the offending device but also other devices in the same VLAN.
Command: switchport port-security violation shutdown vlan
Sticky Mode:
Behavior: Dynamically learns and stores MAC addresses from devices that connect to the port and enforces port security based on this learned information.
Purpose: Simplifies the initial configuration by automatically populating the allowed MAC addresses.
Command: switchport port-security mac-address sticky