Question 154 of 1,819
Network Infrastructure and ConnectivitymediumMultiple SelectObjective-mapped

Quick Answer

The answer is that sticky MAC learning allows a switch port to dynamically learn and save device MAC addresses as secure entries, which can then be preserved in the startup configuration if the running configuration is saved. This works because the feature automatically converts dynamically learned MAC addresses into sticky secure MAC addresses, adding them to the running configuration as if they were manually configured, but without manual entry. On the CCNA 200-301 v2 exam, this tests your understanding that sticky MAC is a convenience feature within port security—it does not replace the need to set a maximum MAC count or change the port mode. A common trap is thinking sticky MAC addresses survive a reboot automatically; they only do so if you explicitly save the running config to startup. Memory tip: think "sticky = sticks to the config only when you save it."

CCNA Network Infrastructure and Connectivity Practice Question

This 200-301 practice question tests your understanding of network infrastructure and connectivity. This is a configuration task: choose the command set that satisfies every stated requirement. Small differences — like 'secret' vs 'password' or 'transport input ssh' vs 'all' — change whether the answer is correct. A key principle to apply: sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration.. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

Exhibit

interface FastEthernet0/10
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky

A switch port was configured for sticky MAC learning. Which two statements accurately describe how the feature behaves?

Question 1mediummulti select
Full question →

Exhibit

interface FastEthernet0/10
 switchport mode access
 switchport port-security
 switchport port-security maximum 2
 switchport port-security mac-address sticky

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

The switch can dynamically learn MAC addresses and add them to the running configuration as secure MAC addresses.

Sticky MAC learning is Cisco’s way of letting a port learn device MAC addresses automatically, while still treating them as secure addresses under port security. In everyday language, it saves the administrator from typing each allowed MAC address by hand. As devices connect, the switch can learn their MAC addresses and place them into the running configuration as sticky secure MACs. If the administrator later saves the configuration, those learned entries can also be written into startup-config and survive a reboot. The feature does not replace port security; it works as part of port security. It also does not change the port into a trunk or disable the maximum address count. So the two correct ideas are dynamic secure learning and the ability to preserve those learned MACs by saving the configuration.

Key principle: Sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration.

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • The switch can dynamically learn MAC addresses and add them to the running configuration as secure MAC addresses.

    Why this is correct

    This is correct because sticky MAC learning lets the switch observe source MAC addresses arriving on the port and then record them as secure MAC entries. That gives the convenience of dynamic discovery with the control of port security.

    Related concept

    Sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration.

  • Sticky learning removes the need to enable port security on the interface.

    Why it's wrong here

    This is wrong because sticky learning is not a replacement for port security. It depends on port security already being active on the interface. Without port security, sticky learning would not function in the intended way.

    When this WOULD be correct

    In a different question that asks about the benefits of sticky MAC learning in a network environment where port security is already enabled, option B could be correct if it specifies that sticky learning simplifies MAC address management without needing additional configurations, assuming the context allows for a broader interpretation of 'removes the need'.

  • Saved sticky addresses can become part of the startup configuration if the running configuration is saved.

    Why this is correct

    This is correct because sticky addresses first appear in the running configuration, and if the administrator saves the running configuration, those entries can become persistent after a reload.

    Related concept

    Sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration.

  • Sticky learning automatically converts the interface into a trunk port.

    Why it's wrong here

    This is wrong because sticky MAC learning has nothing to do with VLAN tagging or trunk negotiation. The interface remains an access port unless the switching mode is changed separately.

    When this WOULD be correct

    If the question were about a feature that automatically configures a port as a trunk based on certain conditions, such as the presence of multiple VLANs or specific commands, then this option could be correct in that context.

  • Sticky learning prevents the maximum secure MAC limit from being enforced.

    Why it's wrong here

    This is wrong because the maximum secure MAC setting still applies. Sticky learning does not remove that cap. Additional learned addresses can still trigger a security violation.

    When this WOULD be correct

    In a different scenario where the question focuses on a switch feature that allows for unlimited MAC address learning without restrictions, such as a hypothetical switch mode that ignores security limits, option E could be correct. For instance, a question could ask about a specific configuration that allows dynamic MAC learning without enforcing limits.

Option-by-option analysis

Why each answer is right or wrong

Understanding why wrong answers are wrong — and when they would be correct — is what separates a 750 score from a 900. The 200-301 exam frequently reuses these exact scenarios with slightly different constraints.

The switch can dynamically learn MAC addresses and add them to the running configuration as secure MAC addresses.Correct answer

Why this is correct

This is correct because sticky MAC learning lets the switch observe source MAC addresses arriving on the port and then record them as secure MAC entries. That gives the convenience of dynamic discovery with the control of port security.

Sticky learning removes the need to enable port security on the interface.Wrong answer — click to see why

Why this is wrong here

Sticky MAC learning is a feature of port security and cannot function without port security being enabled on the interface. The command 'switchport port-security' must be configured first, and then 'switchport port-security mac-address sticky' enables sticky learning.

★ When this WOULD be the correct answer

In a different question that asks about the benefits of sticky MAC learning in a network environment where port security is already enabled, option B could be correct if it specifies that sticky learning simplifies MAC address management without needing additional configurations, assuming the context allows for a broader interpretation of 'removes the need'.

Why candidates choose this

Students may think that sticky learning automatically secures the port without needing to enable port security, confusing it with other features like dynamic MAC address learning on a switch. However, sticky learning is a subset of port security and requires port security to be active.

Sticky learning automatically converts the interface into a trunk port.Wrong answer — click to see why

Why this is wrong here

Sticky MAC learning is a port security feature that operates on access ports and does not affect the interface's operational mode. Trunk ports are configured separately using 'switchport mode trunk' and are used for carrying multiple VLANs, which is unrelated to MAC address learning behavior.

★ When this WOULD be the correct answer

If the question were about a feature that automatically configures a port as a trunk based on certain conditions, such as the presence of multiple VLANs or specific commands, then this option could be correct in that context.

Why candidates choose this

Some students might associate 'sticky' with automatically adapting to the network, leading them to think it could change the port to trunk mode. However, sticky MAC only pertains to how MAC addresses are learned and stored, not to VLAN tagging or trunking.

Sticky learning prevents the maximum secure MAC limit from being enforced.Wrong answer — click to see why

Why this is wrong here

Sticky MAC learning does not override the maximum secure MAC address limit configured with 'switchport port-security maximum'. If the number of learned sticky addresses reaches the limit, additional MAC addresses will trigger a security violation, just like with dynamically learned addresses.

★ When this WOULD be the correct answer

In a different scenario where the question focuses on a switch feature that allows for unlimited MAC address learning without restrictions, such as a hypothetical switch mode that ignores security limits, option E could be correct. For instance, a question could ask about a specific configuration that allows dynamic MAC learning without enforcing limits.

Why candidates choose this

Students might think that because sticky addresses are saved and persistent, the switch would allow more addresses than the limit. However, the maximum limit is still enforced to prevent unauthorized devices from being learned, regardless of whether the learning is sticky or dynamic.

Analysis generated from the official 200-301blueprint and verified against question context. The “when correct” sections are what AI assistants cite when candidates ask “what’s the difference between these options?”

Common exam traps

Common exam trap: answer the scenario, not the keyword

Remember, sticky MAC learning is a feature of port security, not a replacement or a mode change.

Detailed technical explanation

How to think about this question

Sticky MAC learning is a feature within Cisco's port security framework that allows a switch port to dynamically learn MAC addresses from devices connected to it and then convert those addresses into secure MAC entries. These learned addresses are initially stored in the running configuration as 'sticky' entries, which means the switch remembers them as authorized devices for that port. This approach combines the flexibility of dynamic MAC address learning with the security benefits of port security by preventing unauthorized devices from connecting once the maximum secure MAC limit is reached. When sticky MAC learning is enabled on a switch port, the switch listens for source MAC addresses on incoming frames and adds them to the secure MAC address list dynamically. These addresses are not immediately permanent; they reside in the running configuration until the administrator saves the configuration to the startup configuration. This persistence ensures that after a reboot, the learned MAC addresses remain authorized, preventing the need to manually reconfigure them. Importantly, sticky learning requires port security to be enabled on the interface, as it is an extension of that feature rather than a standalone mechanism. A common exam trap is misunderstanding the scope and effect of sticky MAC learning. Candidates may incorrectly assume that sticky learning disables the maximum secure MAC address limit or automatically converts the port to a trunk, which it does not. Sticky learning strictly manages how MAC addresses are learned and stored under port security rules. It also does not replace port security but depends on it. Practically, sticky MAC learning simplifies network administration by automating secure MAC address entry, but network engineers must still configure port security parameters like maximum addresses and violation actions to maintain effective control.

KKey Concepts to Remember

  • Sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration.
  • The learned sticky MAC addresses become part of the startup configuration only after the running configuration is saved.
  • Sticky MAC learning operates as a feature within port security and requires port security to be enabled on the interface.
  • The maximum number of secure MAC addresses configured on a port still applies when sticky learning is enabled.
  • Sticky MAC learning does not change the port type; the interface remains an access port unless manually reconfigured.
  • Sticky MAC addresses help prevent unauthorized devices by restricting the port to known MAC addresses learned dynamically.
  • Port security violation actions still apply when sticky MAC learning reaches the maximum secure MAC address limit.
  • Sticky MAC learning reduces manual configuration effort by automatically populating secure MAC addresses based on device connections.

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

Sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration.

Real-world example

How this comes up in practice

A help-desk technician troubleshoots why a newly connected PC cannot reach shared printers on the same floor. The cable is good, the switch port is active, but the PC is in VLAN 20 and the printers are in VLAN 10. The uplink trunk only allows VLAN 10. A trunk being up does not mean every VLAN crosses it.

What to study next

Got this wrong? Here's your next step.

Review sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration., then practise related 200-301 questions on the same topic to reinforce the concept.

Related practice questions

Related 200-301 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free 200-301 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this 200-301 question test?

Network Infrastructure and Connectivity — This question tests Network Infrastructure and Connectivity — Sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration..

What is the correct answer to this question?

The correct answer is: The switch can dynamically learn MAC addresses and add them to the running configuration as secure MAC addresses. — Sticky MAC learning is Cisco’s way of letting a port learn device MAC addresses automatically, while still treating them as secure addresses under port security. In everyday language, it saves the administrator from typing each allowed MAC address by hand. As devices connect, the switch can learn their MAC addresses and place them into the running configuration as sticky secure MACs. If the administrator later saves the configuration, those learned entries can also be written into startup-config and survive a reboot. The feature does not replace port security; it works as part of port security. It also does not change the port into a trunk or disable the maximum address count. So the two correct ideas are dynamic secure learning and the ability to preserve those learned MACs by saving the configuration.

What should I do if I get this 200-301 question wrong?

Review sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration., then practise related 200-301 questions on the same topic to reinforce the concept.

What is the key concept behind this question?

Sticky MAC learning enables a switch port to dynamically learn MAC addresses and add them as secure entries in the running configuration.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Keep practising

More 200-301 practice questions

Last reviewed: May 17, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This 200-301 practice question is part of Courseiva's free Cisco certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the 200-301 exam.