Switch Port Hardening

Avenir AX‑2400 Managed Switch · IDF‑3 access layer
SY0‑701 3.2.1.8 4.1.2.3 2.5.11.5

Scenario

You are the on‑call security analyst for Cedar & Pine Outfitters, a regional outdoor retailer. During a quarterly access‑layer review you reach the Avenir AX‑2400 switch in the third‑floor wiring closet (IDF‑3). Inventory shows that most of its 24 access ports have nothing plugged in, and none of the live ports enforce port security. An auditor flagged the open jacks as a way for an unauthorized device to reach the internal VLAN. Your job is to harden the switch.

The asset record lists the live ports. Everything not in this list is unused:

Live (in‑use) ports

Your tasks

  1. Administratively disable every unused port so no one can patch into a dead jack.
  2. On each live port, enable Port Lock and set Address learning = Static and Violation response = Drop. Live ports must stay enabled.
  3. Answer the three review questions.

Tip: select several ports at once (a port range) and apply one configuration to all of them.

AX‑2400 fw 3.4.1‑b mgmt 10.42.3.2

Port panel

0 selected

Configure selected port(s)

No ports selected.

When locked, only learned MAC addresses may use the port.

Task progress

    Review questions

    Submit completed lab

    Score 0 / 5

    Hacker name identifies your submission to the instructor. Keep personal information out of it.