300-715 Question #79: Real Exam Question with Answer & Explanation

The correct answer is D: username. MAC Authentication Bypass (MAB) uses a device's MAC address as both the username and password in the authentication request to allow non-802.1X capable devices to authenticate.

Policy Enforcement

Question

What does MAB leverage a MAC address for?

Options

ACalling-Station-ID
Bpassword
Ccisco-av-pair
Dusername

Explanation

MAC Authentication Bypass (MAB) uses a device's MAC address as both the username and password in the authentication request to allow non-802.1X capable devices to authenticate.

Common mistakes.

A. Calling-Station-ID is a RADIUS attribute carrying the client's MAC address, but it is not the username itself in the MAB authentication flow.
B. While the MAC address is often used as the password in MAB, its primary leveraging for the MAB mechanism is as the username.
C. cisco-av-pair is a vendor-specific attribute for passing various parameters, not the fundamental mechanism for how the MAC address is leveraged in MAB authentication.

Concept tested. MAC Authentication Bypass (MAB) mechanism

Reference. https://www.cisco.com/c/en/us/td/docs/security/ise/2-6/admin_guide/b_ise_admin_guide_26/b_ise_admin_guide_26_chapter_01000.html#concept_E0921B668F3B4E38A4B6B0E0973F1C40

Topics

#MAB#MAC Authentication Bypass#RADIUS#Authentication

Community Discussion

No community discussion yet for this question.

Full 300-715 Practice Browse All 300-715 Questions