Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

HomeCertifications200-301GlossaryPort Security

Security

ACLDHCP SnoopingDynamic ARP InspectionSSHTelnetAAARADIUSTACACS+View all terms →

Practice

Practice TestMock ExamFlashcards
Security200-301 Exam Term

What Does Port Security Mean in 200-301?

Reviewed byJohnson Ajibi· Senior Network & Security Engineer · MSc IT Security

Quick Definition

A switch feature that limits the number of MAC addresses allowed on a port.

Full Definition

Port Security restricts which MAC addresses can send frames through a switch port, limiting the number of learned MAC addresses. When a violation occurs (unknown MAC or too many MACs), the port can be configured to: Shutdown (errdisable — default), Restrict (drop frames, log, counter), or Protect (silently drop frames). Secure MAC addresses can be configured statically or learned dynamically (sticky). Port Security applies to access ports.

CLI Command

interface GigabitEthernet0/1
 switchport port-security
 switchport port-security maximum 2
 switchport port-security violation shutdown
 switchport port-security mac-address sticky

Exam Trap — Don't Get Fooled

The default violation mode is Shutdown (errdisable). Shutdown permanently disables the port until manually re-enabled. Restrict and Protect keep the port active. Sticky MAC learning saves dynamically learned MACs to the running config.

Related 200-301 Terms

MAC Address

A 48-bit hardware identifier burned into every network interface card.

DHCP Snooping

A switch security feature that filters DHCP messages to prevent rogue DHCP servers.

Dynamic ARP Inspection

A switch security feature that validates ARP packets using the DHCP Snooping binding table to prevent ARP spoofing.

Frequently Asked Questions

What does Port Security mean on the 200-301 exam?

Port Security restricts which MAC addresses can send frames through a switch port, limiting the number of learned MAC addresses. When a violation occurs (unknown MAC or too many MACs), the port can be configured to: Shutdown (errdisable — default), Restrict (drop frames, log, counter), or Protect (silently drop frames). Secure MAC addresses can be configured statically or learned dynamically (sticky). Port Security applies to access ports.

How does Port Security appear as a trap on the 200-301?

The default violation mode is Shutdown (errdisable). Shutdown permanently disables the port until manually re-enabled. Restrict and Protect keep the port active. Sticky MAC learning saves dynamically learned MACs to the running config.

How important is Port Security on the 200-301 exam?

Port Security falls under the Security domain of the 200-301 exam. Understanding it in context with related terms like mac-address and dhcp-snooping is essential for answering scenario-based questions correctly.

← Back to 200-301 GlossaryPractice 200-301 Questions

Term Info

Category

Security

Exam

200-301