2 Replies Latest reply: Mar 9, 2011 10:41 PM by Keith Barker - CCIE RS/Security, CISSP RSS

    Please provide some clarity on the following switch management security issue.


      By default, each port in a Cisco Catalyst switch is assigned to VLAN1. Which two recommendations are key to avoid unauthorized management access? (Choose two.)

      A.Create an additional ACL to block the access to VLAN 1.

      B.Move the management VLAN to something other than default.

      C.Move all ports to another VLAN and deactivate the default VLAN.

      D.Limit the access in the switch using port security configuration.

      E.Use static VLAN in trunks and access ports to restrict connections.

      F.Shutdown all unused ports in the Catalyst switch.

      According to most texts the answer is BF... I think it should be DF. Can somebody please clarify.