48 HOURS ONLY: Get 2 free months of Insider Pro!

Configure Verify and Troubleshoot Port Security

Practice Labs Module
Time
1 hour
Difficulty
Intermediate

Welcome to the Configure, Verify and Troubleshoot Port Security Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Overview

Introduction

Welcome to the Configure, Verify and Troubleshoot Port Security Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Configure Static and Dynamic Port Security
  • Configure Additional Port Security Configuration Settings
  • Configure Err-disable Recovery

After completing this lab, you will be able to:

  • Configure static port security
  • Configure dynamic port security
  • Configure Additional Port Security Configuration Settings
  • Configure Err-disable Recovery

Exam Objectives

The following exam objectives are covered in this lab:

  • CAS-003 2.1 Analyze a scenario and integrate network and security components, concepts and architectures to meet security requirement.
  • CAS-003 2.2 Analyze a scenario to integrate security controls for host devices to meet security requirements.
  • CAS-003 3.1 Given a scenario, conduct a security assessment using the appropriate methods.
  • CAS-003 4.1 Given a scenario, integrate hosts, storage, networks and applications into a secure enterprise architecture.

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1 - Configure Static and Dynamic Port Security

Port security is a technology that allows you to block unknown devices from being connected to a specified switch port.

In this exercise, you will configure static and dynamic port security on NYCORE1, specifically, on the port that is connected to the NYEDGE1 router.

Learning Outcomes

After completing this exercise, you will be able to:

  • Configure static port security
  • Configure dynamic port security

Exercise 2 - Configure Additional Port Security Configuration Settings

In this exercise, you will configure port security on NYCORE2 to block unknown MAC addresses from connecting to a specific switch port. In this example, there is a Cisco IP Phone connected to FastEthernet 1/0/12 interface on this switch as shown in the diagram below.

Learning Outcomes

After completing this exercise, you will be able to:

  • Configure Additional Port Security Configuration Settings

Exercise 3 - Configuring Err-disable Recovery

When a port security violation occurs that results in a port shutting down, the port goes into an err-disabled state. In order to recover from such a situation, you must go into the switch, shut down the interface and bring it back up.

To avoid such a procedure, it is possible to configure the port so that the err-disable state is not permanent. The interface can automatically be brought back up after a specified amount of time.

In this exercise, you will configure err-disable recovery that will provide such a function.

Learning Outcomes

After completing this exercise, you will be able to:

  • Configure Err-disable Recovery
Learning Partner
Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.