By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access? (Choose two.)
A.Create an additional ACL to block the access to VLAN 1.
B.Move the management VLAN to something other than default.
C.Move all ports to another VLAN and deactivate the default VLAN.
D.Limit the access in the switch using port security configuration.
E.Use static VLAN in trunks and access ports to restrict connections.
F.Shutdown all unused ports in the Catalyst switch.
According to most texts the answer is BF... I think it should be DF. Can somebody please clarify.
B and F
your D - Limit the access in the switch using port security configuration.
That would make more sense by Limit access to switch using passwords and SSH/HTTPS.
B - everyone knows that vlan 1 is default and used by all ports. You should change that other Vlan, like 99
Although port security is a great feature, (and should be used), if the question is focused on management security, then moving the management VLAN would be the better of the 2 choices, due to the question.