What is Port Security on a switch?
Why Interviewers Ask This
Candidates at the intermediate level are expected to not only know this concept but explain the trade-offs involved. Interviewers use this question to see if you can reason about design decisions, not just recall facts.
Answer
Port Security is a Layer 2 security feature on managed switches that restricts the MAC addresses allowed to connect to a switch port. You can set a maximum number of MAC addresses per port and specify which MACs are allowed (static or dynamically learned). If a violation occurs (unknown MAC attempts to connect or limit exceeded), the port takes an action: Shutdown (port disabled — must be manually re-enabled, most secure), Restrict (drop traffic from unknown MACs, log violation), or Protect (drop traffic from unknown MACs, no log). Port security prevents: MAC flooding attacks (attacker sends many fake MACs to fill the CAM table, causing the switch to flood all traffic), unauthorized device connections, and rogue devices. Limit port security to access ports connecting to end devices, not uplinks. Combined with 802.1X authentication for stronger security.
Pro Tip
This topic has Networking-specific nuances that differ from general programming. Highlighting those nuances in your answer shows expertise rather than generic knowledge.