Appendix  ■   Answers to Practice Test Questions  124

Appendix 

  Answers to Practice Test Questions

switchport port-security mac-address 0334.56f3.e4e4  

will configure the interface with a static MAC address of 0334.56f3.e4e4. The  

command 

it will configure itself with the first MAC address learned. The command  

switchport port-security mac-address static 0334.56f3.e4e4 is incorrect. The 

command 

show port-security will show all of the ports that are actively 

participating in port security. In addition, you can see the maximum number of  

addresses configured, current addresses, security violations, and action. The command 

show port-security details is incorrect. The command show mac address-table 

secure is incorrect. The command show port-security address is incorrect.

errdisable recovery cause psecure_violation will 

reset all ports with an err-disable status. The command 

clear err-disable is incorrect. 

The command 

clear switchport port-security is incorrect. The command clear 

port-security violation is incorrect.

 127.  A.  The command 

show running-config will show you the learned MAC addresses 

from port security. The command 

show port-security is incorrect. The command show 

port-security details is incorrect. The command show port-security status is 

incorrect.

stands for authentication, authorization, and accounting. It is pronounced “triple A.” 

An Active Directory server can be used in conjunction with authentication, but the AAA 

server will facilitate the authentication. 802.1X is a protocol and not a type of server; 

therefore, this is incorrect. Terminal servers are servers that extend applications or the 

server desktop to remote users and have nothing to do with authentication of Cisco routers 

and switches.

 129.  B.  RADIUS authentication uses the UDP protocol and port 1645 for communications 

between the switch or router and the AAA server. All of the other options are incorrect.

AAA server for authenticating users. 802.1X is used to secure ports on a switch or access 

to wireless access points (WAPs). Active Directory (AD) is a Microsoft directory of 

computers and users that is used for authentication purposes. Extensible Authentication 

Protocol (EAP) is a protocol that allows for passwords, certificates, biometrics, and any 

other extensible method for authentication.

aaa authentication log-in default group tacacs+ local will 

configure AAA authentication for login using the default list and a group of TACACS+ 

servers for TACACS+ login first and a backup of local for authentication. The command 

authentication login group tacacs+ local is incorrect. The command  

aaa-authentication login default tacacs+ local is incorrect. The command  

aaa authentication login tacacs+ local is incorrect.

Chapter 5: Security Fundamentals (Domain 5) 

Download 8,04 Mb.

Do'stlaringiz bilan baham: