Ticket 7 – Port Security
Client 1 is unable to ping Client 2 or DSW1. The command ‘sh interfaces fa1/0/1’ shows the following message in its first line:
‘FastEthernet1/0/1 is down, line protocol is down (err-disabled)’
On ASW1, port security is configured with the MAC address 0000.0000.0001, and the interface is in the err-disabled state.
Configuration of ASW1
interface fa1/0/1
switchport access vlan 10
switchport mode access
switchport port-security
switchport port-security mac-address 0000.0000.0001
Answer: on ASW1, delete port-security and then do shutdown, no shutdown on the interfaces
Ans1) ASW1
Ans2) Port security
Ans3) In Configuration mode, using the interface range Fa1/0/1 – 2, then no switchport port-security, followed by shutdown, no shutdown interface configuration commands.
Note: There is another ticket (ticket 13) in which port security is also configured but is not the fault. In that ticket, “show interfaces fa1/0/1” shows the interface in the ‘up/up’ state, so be careful to tell the two tickets apart.
If you see that ports fa1/0/1 and fa1/0/2 are down, remove the port security and bounce the ports.
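The distinction between this ticket and ticket 13 can be written as a small check. This is an added example, not part of the original page: the function names are hypothetical, the up/up status line is constructed, and the err-disabled line and interface configuration are the ones shown above.

```python
import re

# First line of `show interfaces <if>`:
#   "<name> is <link>, line protocol is <proto> [(reason)]"
STATUS_RE = re.compile(
    r"^(?P<name>\S+) is (?P<link>[\w ]+?), line protocol is (?P<proto>\w+)"
    r"(?: \((?P<reason>[\w-]+)\))?\s*$"
)

# Interface stanza from the ASW1 configuration on this page.
ASW1_FA1_0_1 = """\
interface fa1/0/1
 switchport access vlan 10
 switchport mode access
 switchport port-security
 switchport port-security mac-address 0000.0000.0001
"""
TICKET7_LINE = "FastEthernet1/0/1 is down, line protocol is down (err-disabled)"
UP_UP_LINE = "FastEthernet1/0/1 is up, line protocol is up (connected)"  # constructed

def parse_status(line):
    """Return (interface, link, protocol, reason) from the status line."""
    m = STATUS_RE.match(line.strip())
    if not m:
        raise ValueError(f"not a 'show interfaces' status line: {line!r}")
    return m["name"], m["link"], m["proto"], m["reason"]

def has_port_security(interface_config):
    """True if the stanza enables port security (not just a sub-option)."""
    return any(l.strip() == "switchport port-security"
               for l in interface_config.splitlines())

def port_security_is_fault(status_line, interface_config):
    """Port security is the candidate fault only when it is configured AND
    the port is down/down (err-disabled). Configured but up/up means the
    fault is elsewhere. err-disabled can have other causes, so confirm with
    `show port-security interface <if>` before removing anything."""
    _, link, proto, reason = parse_status(status_line)
    return (has_port_security(interface_config)
            and reason == "err-disabled"
            and (link, proto) == ("down", "down"))

if __name__ == "__main__":
    for line in (TICKET7_LINE, UP_UP_LINE):
        print(line, "->", port_security_is_fault(line, ASW1_FA1_0_1))
```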
Hi Guys,
I have a question regarding the SAM’s strategy.
Client 1 (ping 10.1.1.1) > R1 (show run and check), there are 4 possibilities of tickets:
Hey all, don't worry about all the bullshit stigmata; you will spend more time trying to memorize them and forget them in the sweaty moment.
Just ping from C1 and move upstream or downstream with your pings to determine the faulty device.
1- passive interface configured under eigrp router on DSW1 instead of R4–not true
2- there was no OSPF neighbor relationship between R1 and R2 but the issue was not auth under sub-int on R1- no, it's not written on the ospf 1 process
Guys Passed Today with 980/1000, I missed one MCQ but it was listed here in the MCQ section, so you should be ok,
IMPORTANT please note that port security issue in ASW1 DOES not appear as intended here, ( just as CR mentioned)
Port Security issue (ticket #7): So you will follow SAM until you see that the issue is not R1. Then you move to ASW1, do a show run, and you will see Port security on both Clients' interfaces, and you would think that's the problem, since that's how it shows up here, BUT it is not!!!! If you do “Ip interface brief” you WILL SEE both interfaces UP/UP, so that's NOT a Port security issue!!!
The problem will be “IP helper in DSW1”!!! do a show run in DSW1 and you will see it!! also do “ipconfig” in client 1! you will see it does not have a gateway configured! you also should see IP helper for Vlan 10 with a wrong IP address.
Just took the exam and passed with a 1000. Everything here is valid.
This one was a lil tricky. You will see port-security configured on the fa1/0/1 and 1/0/2 interfaces
type show interface fa1/0/1 this is the only way to ensure the port is UP/UP like @DESAM explained
you can type show port-security interface fa1/0/1 and 1/0/2 which will confirm if the port is shutdown due to a security violation.
You can use the sh int status command to check the status of ports on ASW1; it shows status err-disabled for Fa1/0/1 & Fa1/0/2. Not sure the command will work in the exam.
@nhema
sho err-disabled does not work in Exam sim
Thank you to Networktut for all the hard work; this website truly helped me achieve a full score (1000).
I'd like to share my experience, which may be helpful for you to pass the exam.
MCQs seen from Nov, but make sure to read the questions carefully as they come with detailed scenarios.
To disable passive interface, the only option that appears in the exam is no ip passive-interface eigrp 10 under interface configuration mode. So we have to choose it.
In my experience this command does not work on all Cisco versions. The Cisco 7200 series, which I used in GNS3, doesn't support this command.
No 13 appears with incorrect DHCP helper address
It was quite tricky
Client1-> ipconfig shows with 169.— so decided to go through bottom-up approach
ASW1->show ip interface brief f1/0/0 and f1/0/2 connected to Clients show up with up/up status.
However, when I applied show port-security, the output showed violation count 1 and status shutdown for each interface. Quite confused. I didn't choose the remove port-security option, so rather than choosing the port security issue I decided to investigate further.
So found incorrect IP helper-address 10.2.21.129(which doesn’t exist in routing table and no such IP available in DHCP router)
So therefore I decided to choose correct IP helper address 10.1.21.129
So please don’t blindly choose answers
Pls. pls. carefully check configuration,
Wishing everyone Good-Luck
I have a small question