Which statement is correct if root guard is enabled for STP security on Switch?
- If superior BPDUs are received on a designated port, the interface is placed into the root inconsistent blocked state
- If BPDUs are received on a PortFast-enabled port, the port is disabled
- f inferior BPDUs are received on a root port, all blocked ports become alternate paths to the root bride.
- If BPDUs are not received on a non-designated port, the port is moved into the STP loop inconsistent blocked state
Explanation
Root guard is a security feature that is used to prevent unauthorized switches from becoming the root switch in a network running the Spanning Tree Protocol (STP).
When root guard is enabled on a switch, the switch will only allow superior BPDUs (Bridge Protocol Data Units) to be received on designated ports. If superior BPDUs are received on a non-designated port, the port will be placed into the root inconsistent blocked state, which prevents it from becoming a root port.
The other statements are incorrect. PortFast is a feature that is used to speed up the convergence of STP on a network by bypassing the normal STP port initialization process. If BPDUs are received on a PortFast-enabled port, the port is not disabled. Instead, the normal STP process is initiated on the port.
Inferior BPDUs are not received on a root port, and receiving BPDUs on a non-designated port does not cause the port to be moved into the STP loop inconsistent blocked state.
Therefore The correct answer is: “If superior BPDUs are received on a designated port, the interface is placed into the root inconsistent blocked state.”