Implementing Cisco Edge Network Security Solutions (SENSS, legacy) — Question 11

Which two actions can you take to mitigate MAC attacks on Layer 2 switches? (Choose two.)

Answer options

• A. Configure the switchport port-security violation shutdown command on the trunk port.
• B. Configure static MAC addresses on the access ports.
• C. Configure the switchport port-security violation restrict command on the trunk port.
• D. Enable port security to limit the number of MAC addresses on access ports.
• E. Configure dynamic ARP inspection on the access port.

Correct answer: C, E

Explanation

The correct answers, C and E, help to manage and inspect MAC address assignments to prevent unauthorized access. Option C allows for limiting MAC address violations without shutting down the port, while E helps prevent ARP spoofing. Options A, B, and D do not offer the same level of protection against MAC attacks as C and E do.