Implementing Cisco Storage Area Networking (DCSAN) — Question 5

A storage network engineer must configure a 48-port Cisco MDS switch to reject any login requests to VSAN 10 from unauthorized Fibre Channel devices and switches. All the devices that were already logged in to the switch from this VSAN must be allowed without any manual configuration. Which configuration must be applied?

Answer options

• A. switch(config)# feature port-security switch(config)# port-security activate vsan 10
• B. switch(config)# feature port-security switch(config)# port-security activate vsan 10 no auto-learn
• C. switch(config)# feature port-security switch(config)# port-security database vsan 10 switch(config-port-security)# any-wwn interface fc1/1 "" fc1/48
• D. switch(config)# port-security activate vsan 10

Correct answer: D

Explanation

The correct answer is D because it directly activates port security for VSAN 10, which is necessary to restrict unauthorized logins while allowing existing connections. Options A and B involve additional commands that do not specifically achieve the requirement of rejecting unauthorized logins while maintaining current connections. Option C is irrelevant as it pertains to a different configuration aspect that does not meet the outlined needs.