What is the Cisco preferred countermeasure to mitigate CAM overflows?
A. Port security
B. Dynamic port security
C. IP source guard
D. Root guard
What is the Cisco preferred countermeasure to mitigate CAM overflows?
What is the Cisco preferred countermeasure to mitigate CAM overflows?
A. Port security
B. Dynamic port security
C. IP source guard
D. Root guard
Cisco has some ridiculous answers on their tests, and while you know all the technologies, you need to know which one Cisco “recommends”.
802.1x is a good way to mitigate CAM overflows. So is IP Source Guard and DAI. But the answer that Cisco “recommends” is dynamic port security.
Personally, I would never use dynamic port security. 802.1x every time with IP Source guard and DAI. Anything else would be insecure and dumb.
That is interesting the Answer is B. I would assume B as well. However, the technology that is behind all of this is Port Security.
I am a irritated by these types of Questions because Port Security/Dynamic Port Security are the same technology.
I did find a recent article:
http://www.cisco.com/c/en/us/support/docs/switches/catalyst-3750-series- switches/72846-layer2-secftrs-catl3fixed.html
“A more administratively scalable solution is the implementation of dynamic port security at the switch”
So this would lead me to believe the Correct Answer is B… However, the Cisco Press Book leads you to believe the Answer is A. Port Security.