单项选择题
Refer to the exhibit.
How will interface FastEthernnet0/1 respond when an 802.1x-enabled client connects to the port? ()
A. The switch will uniquely authorize the client by using the client MAC address.
B. The switch will cause the port to remain in the unauthorized state, ignoring all attempts by the client to authenticate.
C. The switch port will disable 802.1x port-based authentication and cause the port to transition to the authorized state without any further authentication exchange.
D. The switch port will enable 802.1x port-based authentication and begin relaying authentication messages between the client and the authentication server.
相关考题
-
单项选择题
An attacker is launching a DoS attack on the Company network using a hacking tool designed to exhaust the IP address space available from the DHCP servers for a period of time. Which procedure would best defend against this type of attack? ()
A. Configure only trusted interfaces with root guard.
B. Implement private VLANs (PVLANs) to carry only user traffic.
C. Implement private VLANs (PVLANs) to carry only DHCP traffic.
D. Configure only untrusted interfaces with root guard.
E. Configure DHCP spoofing on all ports that connect untrusted clients.
F. Configure DHCP snooping only on ports that connect trusted DHCP servers.
G. None of the other alternatives apply -
单项选择题
The Company is concerned about Layer 2 security threats. Which statement is true about these threats? ()
A. MAC spoofing attacks allow an attacking device to receive frames intended for a different network host.
B. Port scanners are the most effective defense against dynamic ARP inspection.
C. MAC spoofing, in conjunction with ARP snooping, is the most effective counter-measure against reconnaissance attacks that use dynamic ARP inspection (DAI) to determine vulnerable attack points.
D. Dynamic ARP inspection in conjunction with ARP spoofing can be used to counter DHCP snooping attacks.
E. DHCP snooping sends unauthorized replies to DHCP queries.
F. ARP spoofing can be used to redirect traffic to counter dynamic ARP inspection.
G. None of the other alternatives apply. -
单项选择题
Refer to the exhibit. Port security has been configured on the switch port Fa0/5. What would happen if another device is connected to the port after the maximum number of devices has been reached, even if one or more of the original MAC addresses are inactive?()
A. The port will permit the new MAC address because one or more of the original MAC addresses are inactive.
B. The port will permit the new MAC address because one or more of the original MAC addresses will age out.
C. Because the new MAC address is not configured on the port, the port will not permit the new MAC address.
D. Although one or more of the original MAC addresses are inactive, the port will not permit the new MAC address.
