Which statement about port security on a trunk link is true?
A. It error-disables the port after 10 MAC addresses are statically configured.
B. It is not supported.
C. By default, it shuts down the port if it learns more than one MAC address.
D. When it is enabled, it disables the native VLAN configuration.
C. By default, it shuts down the port if it learns more than one MAC address.
C is correct
Hey, easy easy!! ))
First of all, you CAN assign trunk port as port-security – try this and you will see
Second, does not make sence do it, because you may have the same mac address in diferent vlans
and finaly – you can do it, but it meaning that protection is lost
Answer is C – try it in your lab and make sure
C is correct
B is not correct – https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.html#wp1063854
C is correct
B is not correct – https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.html#wp1063854
C is correct
B is not correct
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/port_sec.html#wp1063854
Configuring Trunk Port Security
Trunk port security extends port security to trunk ports. It restricts the allowed MAC addresses or the maximum number of MAC addresses to individual VLANs on a trunk port. Trunk port security enables service providers to block the access from a station with a different MAC address than the ones specified for that VLAN on that trunk port. When a trunk port security violation occurs, the trunk port is shut down and an SNMP trap may be generated. Trunk port security is also supported on private VLAN trunk ports.
Trunk port security is used when a Catalyst 4500 series switch has a dot1q or isl trunk attached to a neighborhood Layer 2 switch. This may be used, for example, in metro aggregation networks (Figure 30-1).
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25sg/configuration/guide/conf/port_sec.html#wp1061883
Answer is C.
I think port security is supported on trunks but in some documents it say it is not:
no acording to this:
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/port_sec.html#wp1047752
but yes acording to this:
Configuring Trunk Port Security
https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25sg/configuration/guide/conf/port_sec.pdf
D, I think!
first off, you can enable Port Security on Trunk ports.
Configuring Trunk Port Security
Trunk port security extends port security to trunk ports. It restricts the allowed MAC addresses or the
maximum number of MAC addresses to individual VLANs on a trunk port. Trunk port security enables
service providers to block the access from a station with a different MAC address than the ones specified
for that VLAN on that trunk port. When a trunk port security violation occurs, the trunk port is shut down
and an SNMP trap may be generated. Trunk port security is also supported on private VLAN trunk ports.
Trunk port security is used when a Catalyst 4500 series switch has a dot1q or isl trunk attached to a
neighborhood Layer 2 switch. This may be used, for example, in metro aggregation networks
Port security is only available on access port. So answer B.
B