Home > CCNA – Security Questions

CCNA – Security Questions

March 23rd, 2015 Go to comments

Question 1

Explanation

We only enable PortFast feature on access ports (ports connected to end stations). But if someone does not know he can accidentally plug that port to another switch and a loop may occur when BPDUs are being transmitted and received on these ports.

With BPDU Guard, when a PortFast receives a BPDU, it will be shut down to prevent a loop -> D is correct.

Question 2

Explanation

We can verify whether port security has been configured by using the “show running-config” or “show port-security interface ” for more detail. An example of the output of “show port-security interface ” command is shown below:

show_port-security_interface.jpg

Question 3

Explanation

The full syntax of the second command is:

switchport port-security mac-address sticky [MAC]

If we don’t specify the MAC address (like in this question) then the switch will dynamically learn the attached MAC Address and place it into your running-configuration -> B is correct.

Question 4

Explanation

Please read the explanation at http://www.9tut.net/icnd2/icnd2-operations

Question 5

Explanation

Port security is only used on access port (which connects to hosts) so we need to set that port to “access” mode, then we need to specify the maximum number of hosts which are allowed to connect to this port -> C is correct.

Note: If we want to allow a fixed MAC address to connect, use the “switchport port-security mac-address ” command.

Question 6

Explanation

As we see in the output, the “Port Security” is in “Disabled” state (line 2 in the output). To enable Port security feature, we must enable it on that interface first with the command:

SwitchA(config-if)#switchport port-security

-> B is correct.

Also from the output, we learn that the switch is allowing 2 devices to connect to it (switchport port-security maximum 2) but the question requires allowing only PC_A to access the network so we need to reduce the maximum number to 1 -> D is correct.

Question 7

Explanation

Follow these guidelines when configuring port security:
+ Port security can only be configured on static access ports, trunk ports, or 802.1Q tunnel ports. -> A is not correct.
+ A secure port cannot be a dynamic access port.
+ A secure port cannot be a destination port for Switched Port Analyzer (SPAN).
+ A secure port cannot belong to a Fast EtherChannel or Gigabit EtherChannel port group. -> D is not correct
+ You cannot configure static secure or sticky secure MAC addresses on a voice VLAN. -> B is not correct.
+ When you enable port security on an interface that is also configured with a voice VLAN, you must set the maximum allowed secure addresses on the port to at least two.
+ If any type of port security is enabled on the access VLAN, dynamic port security is automatically enabled on the voice VLAN.
+ When a voice VLAN is configured on a secure port that is also configured as a sticky secure port, all addresses seen on the voice VLAN are learned as dynamic secure addresses, and all addresses seen on the access VLAN (to which the port belongs) are learned as sticky secure addresses.
+ The switch does not support port security aging of sticky secure MAC addresses.
+ The protect and restrict options cannot be simultaneously enabled on an interface.

(Reference: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swtrafc.html#wp1038546)

Note: Dynamic access port or Dynamic port VLAN membership must be connected to an end station. This type of port can be configured with the “switchport access vlan dynamic” command in the interface configuration mode. Please read more about Dynamic access port here: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-1_19_ea1/configuration/guide/3550scg/swvlan.html#wp1103064

Question 8

Explanation

One of the most widely deployed network security technologies today is IPsec over VPNs. It provides high levels of security through encryption and authentication, protecting data from unauthorized access.

Comments (31) Comments
Comment pages
1 15 16 17 1768
  1. Anonymous
    March 30th, 2019

    Please send latest valid dumps for ccna security on wonder.womann1425 @ gmail.com.
    Any help is highly appreciated.

  2. UMMI
    April 1st, 2019

    HI there , if anyone passed recently, which dumps are valid, please comment

  3. Anonymous
    April 1st, 2019

    Please send the latest ccna security dumps to {email not allowed}

  4. Anonymous
    April 2nd, 2019

    Could you please send valid dumps for CCNA Security to ichemencedji @ gmail.com.
    Thank you very much.

  5. Cyber
    April 8th, 2019

    Pliz help with dumps for cisco cyberOps

  6. Anonymous
    April 10th, 2019

    please recommend a book i can download to read for ccna security 210-260
    you can also post the download link

  7. Anonymous
    April 14th, 2019

    Could you please send valid dumps for CCNA Security to {email not allowed}?
    Thank you very much.

  8. Anonymous
    April 17th, 2019

    could you please send valid dumps for CCNA security to h o b b i t o n g a l @ y a h o o

  9. Secure Guy
    April 17th, 2019

    Some nice article on CCNA Security,
    https://ipcisco.com/ipcisco-blog/

  10. tinkerassassin
    April 20th, 2019

    Please send me a valid dump > tinkerassassin”@”yahoo.com
    I appreciate it guys

  11. Anonymous
    April 25th, 2019

    Can someone send me the latest Version? {email not allowed}. Thank you!

  12. Anonymous
    May 7th, 2019

    Could you please send valid dumps for CCNA Security to {email not allowed}
    support will be very appreciate.

  13. Anonymous
    May 7th, 2019

    could you please send valid dumps for CCNA security to patelashah2yahoo.ca

    Thank you

  14. Kelvin
    May 14th, 2019

    Congratulation for those who passed the exam, can please share the exam ? Thank you ! here is my email {email not allowed}

    Thanks again!

  15. Kevin
    May 14th, 2019

    Congratulation for those who passed the exam, can please share the exam ? Thank you ! here is my email “kitelionheart @ gmail . com” – remove spaces

    Thanks again!

  16. Kite
    May 14th, 2019

    Congratulation for those who passed the exam, can please share the exam ? Thank you ! here is my email “kitelionheart05 @ gmail . com” – remove spaces

    Thanks again!

  17. Ioe
    May 21st, 2019

    Good day

    Can you send me CCNA security dump to {email not allowed}

  18. Ioe
    May 21st, 2019

    “whitehawk.ioe @gmail . com” No space. Please remove space.

    Thanks.

    Please share pass question for CCNA security

  19. Johnny B
    May 22nd, 2019

    Congratulation for those who passed the exam, can please share the exam ? Thank you ! here is my email “johnnybinladen @ gmail . com” – remove spaces

    Thanks again!

  20. NeoCA
    June 1st, 2019

    please send my Dump valid {email not allowed}

  21. Tomas
    June 10th, 2019

    Hi,

    kindly please sent me latest dump link on “gahy @ seznam . cz”

    Thank you very much!

  22. jr one
    June 16th, 2019

    Hello everyone

    Is the Anubis CCNA Security dump still valid ????

    I am writing my exam july 15, 2019

    thanks

  23. v
    July 3rd, 2019

    Please help send vce 210-260 to me. Thanks!

  24. ESMER
    July 8th, 2019

    please send me the latest dump
    ” abood3teeq @ gmail . com “

  25. Jeb
    July 8th, 2019

    Could someone send me the latest CCNA security dump to hankscaddy @ Gmail . com

  26. DONIS
    July 12th, 2019

    Hello ,

    Congrats for those whot passed the exam .
    Kindly share the exam question or dumps at ” {email not allowed} .

    Thank you

  27. DONIS
    July 12th, 2019

    Hello ,

    Congrats for those whot passed the exam .
    Kindly share the exam question or dumps at doni.tirana12 @ gmail . com

    Thank you

  28. Anonymous
    July 25th, 2019

    Hi,

    Today I passed the exams. Around 50% of questions are from Anubis dumps, please also refer to the Word document “New questions”.

    66 questions and 1 simulation from dumps (with 4 questions).

    Bye,
    Milica

  29. Anonymous
    August 8th, 2019

    Hello,

    Youki’s material is valid for about 75% of the questions.

  30. Bayisa
    August 13th, 2019

    Please send me the dump at bayisa131 @ gmail . com

  31. Anon
    August 16th, 2019

    I haven’t seen the Youki or Anubis dump anywhere around. Can anybody post a link or upload it somewhere?

    Thank you.

Comment pages
1 15 16 17 1768
Add a Comment