How can a network administrator configure the switches to eliminate this issue?

– by 2

Refer to the exhibits.
Exhibit 1

Exhibit 2

A company does not require authentication for security, but AOS-Switches are set up to use local MAC authentication (LMA) to assign the correct VLAN and priority to IP phones. IP phones and computers belong to different VLANs. Each device is supposed to connect to a specific port, but sometimes users connect their devices to the wrong ports and cannot receive access without help from IT.
How can a network administrator configure the switches to eliminate this issue?
A. Set the address limit to 2 on the switch ports that apply LMA.
B. Create a user role that applies the user VLAN, and set this role as the initial role.
C. Add the MAC addresses for computers to the myPhones MAC group.
D. Apply LMA to all edge switch ports, and set the unauth VLAN to the user VLAN.

Download Printable PDF. VALID exam to help you PASS.

2 thoughts on “How can a network administrator configure the switches to eliminate this issue?

    1. I agree. If you place the computer’s MAC in that group, all traffic from the computer will get placed in the same class as the IP phones, which is not a good practice (Although it will technically work). (The only reason they are using LMA is the dynamically assign a VLAN/QoS priority to that device)
      A is incorrect as the feature is not necessary
      B is not needed as authentication is not a priority.
      D is better as it is simpler for users + no auth really needed. When they are not in the MAC group and ‘fail’ the auth, they are placed in the operational data VLAN and should be able to get access.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.