As a network administrator, you need to secure your network against potential disruptions caused by users connecting unauthorized devices to access layer ports. You want to ensure that if any BPDUs are received on an access port, the port is disabled to prevent topology changes. Which feature should you implement on the access ports to achieve this?
Enabling BPDU guard on access ports is the correct approach. BPDU guard will disable a port if it receives any Bridge Protocol Data Units (BPDUs), which helps in preventing unauthorized switches from causing topology changes. This is particularly important on access ports connected to end devices, where BPDUs should not be received.
PortFast is a feature that allows ports to enter the forwarding state immediately, but it does not disable the port if BPDUs are received.
Loop guard is used to prevent network loops by monitoring the absence of BPDUs on non-designated ports, but it does not disable the port upon receiving BPDUs.
Root guard prevents a port from becoming a root port by ignoring superior BPDUs received on that port, but it does not disable the port when BPDUs are received on an access port.
Therefore, BPDU guard is the most appropriate feature to protect the network in this scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Bridge Protocol Data Units (BPDUs)?
Open an interactive chat with Bash
How does enabling BPDU guard on access ports help in network security?
Open an interactive chat with Bash
What are the differences between BPDU guard, loop guard, and root guard?
Open an interactive chat with Bash
Cisco CCNA 200-301
Network Access
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access