EC-Council
312-50V10 · Question #35
312-50V10 Question #35: Real Exam Question with Answer & Explanation
The correct answer is C: Use the 802.1x protocol. IEEE 802.1X provides port-based Network Access Control, requiring devices to authenticate before gaining network access regardless of physical port availability.
Question
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students. He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?
Options
- ADisable unused ports in the switches
- BSeparate students in a different VLAN
- CUse the 802.1x protocol
- DAsk students to use the wireless network
Explanation
IEEE 802.1X provides port-based Network Access Control, requiring devices to authenticate before gaining network access regardless of physical port availability.
Common mistakes.
- A. Disabling unused ports is a partial hardening measure but does not authenticate users on active ports, and re-enabling ports for legitimate users would require manual intervention each time.
- B. Placing students in a separate VLAN only segments traffic after they are already connected - it does not prevent unauthorized initial network access.
- D. Asking students to use wireless is an administrative request with no technical enforcement and can be ignored, providing no real access control.
Concept tested. 802.1X port-based network access control
Community Discussion
No community discussion yet for this question.