Port security on a switch restricts which MAC addresses can use a switch port. This primarily mitigates which threat?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Network+ Exam with the comprehensive Jason Dion's Network+ Course. Utilize flashcards and multiple-choice questions with hints and explanations to master networking concepts and ace your test!

Multiple Choice

Port security on a switch restricts which MAC addresses can use a switch port. This primarily mitigates which threat?

Explanation:
Port security restricts which MAC addresses can use a switch port by limiting how many and which MACs the switch will learn on that port. This directly counters MAC flooding, where an attacker sends a flood of frames with different source MAC addresses to exhaust the switch’s CAM (Content Addressable Memory) table. Once the CAM is full, the switch must broadcast unknown unicast frames or start dropping traffic, leading to potential loss of connectivity or degraded performance. By tying specific MAC addresses to a port or enforcing a strict limit, the switch can drop unauthorized addresses and keep legitimate traffic flowing. IP spoofing, DNS spoofing, and phishing operate at different layers or involve social engineering rather than the MAC-layer behavior of the switch. Port security won’t stop those threats, but it does mitigate MAC flooding effectively.

Port security restricts which MAC addresses can use a switch port by limiting how many and which MACs the switch will learn on that port. This directly counters MAC flooding, where an attacker sends a flood of frames with different source MAC addresses to exhaust the switch’s CAM (Content Addressable Memory) table. Once the CAM is full, the switch must broadcast unknown unicast frames or start dropping traffic, leading to potential loss of connectivity or degraded performance. By tying specific MAC addresses to a port or enforcing a strict limit, the switch can drop unauthorized addresses and keep legitimate traffic flowing.

IP spoofing, DNS spoofing, and phishing operate at different layers or involve social engineering rather than the MAC-layer behavior of the switch. Port security won’t stop those threats, but it does mitigate MAC flooding effectively.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy