300-320 · Question #522
300-320 Question #522: Real Exam Question with Answer & Explanation
The correct answer is B: It can allow and deny port access based on device identity. 802.1X is an IEEE standard (not Cisco-proprietary), so A is false. It supports port-based Network Access Control (NAC) and can authenticate both based on device identity (e.g., certificate or MAC - B is true) and user identity (e.g., username/password via RADIUS - D is true). 802
Question
Options
- AIt is Cisco standard
- BIt can allow and deny port access based on device identity
- CIt works only with wired devices
- DIt can allow and deny port access based on user identity
- EEAP messages in Ethernet frames and don't use PPP
- FEAP messages in Ethernet frames and use PPP
Explanation
802.1X is an IEEE standard (not Cisco-proprietary), so A is false. It supports port-based Network Access Control (NAC) and can authenticate both based on device identity (e.g., certificate or MAC - B is true) and user identity (e.g., username/password via RADIUS - D is true). 802.1X works with both wired and wireless devices, so C is false. The 802.1X protocol uses EAP over LAN (EAPOL), which encapsulates EAP messages directly in Ethernet frames - it does not use PPP (E is true, F is false).
Community Discussion
No community discussion yet for this question.