Implementing and Operating Cisco Data Center Core Technologies (DCCOR) — Question 240

An engineer deploys a new Cisco Nexus 5000 Series Switch in an existing environment with strict security policies. The new device should meet these requirements:

• Secure end-user ports with minimum configuration effort.
• Log security breaches and require manual recovery.
• Retain the switch configuration if the device restarts.

Which configuration must be used?

Answer options

• A. switchport port-security switchport port-security max 1 switchport port-security mac-address sticky
• B. switchport port-security switchport port-security violation restrict switchport port-security mac-address sticky
• C. switchport port-security switchport port-security violation shutdown switchport port-security mac-address dynamic
• D. switchport port-security switchport port-security max 1 switchport port-security violation shutdown

Correct answer: A

Explanation

The correct answer, A, sets the maximum number of secure MAC addresses to 1 and uses sticky MAC addresses, allowing for minimal configuration while ensuring security. Options B and C do not meet the requirement for manual recovery as they would either restrict traffic or shut down the port on a violation. Option D also would shut down the port on a violation, failing the requirement for manual intervention.