nerdexam
EC-Council

312-50V13 · Question #67

Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Etherne

The correct answer is C. Use the 802.1x protocol. To prevent unauthorized devices, like student notebooks, from gaining network access via wired Ethernet ports, a robust authentication mechanism is required before network connectivity is granted. The 802.1X protocol provides port-based network access control, authenticating devi

Submitted by minji_kr· Mar 6, 2026System Hacking

Question

Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students. He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

Options

  • ADisable unused ports in the switches
  • BSeparate students in a different VLAN
  • CUse the 802.1x protocol
  • DAsk students to use the wireless network

How the community answered

(54 responses)
  • A
    4% (2)
  • B
    9% (5)
  • C
    81% (44)
  • D
    6% (3)

Why each option

To prevent unauthorized devices, like student notebooks, from gaining network access via wired Ethernet ports, a robust authentication mechanism is required before network connectivity is granted. The 802.1X protocol provides port-based network access control, authenticating devices attempting to connect to a switch port before allowing them onto the network.

ADisable unused ports in the switches

Disabling unused ports in switches is a good security practice to reduce the attack surface, but it does not prevent unauthorized access on ports that must remain enabled for legitimate users.

BSeparate students in a different VLAN

Separating students into a different VLAN might segment network traffic, but it does not prevent unauthorized devices from connecting to a wired port that belongs to a different, potentially more privileged, VLAN.

CUse the 802.1x protocolCorrect

The 802.1X protocol provides port-based network access control, requiring devices to authenticate themselves to an authentication server (like RADIUS) before being granted access to the network through a switch port. This prevents unauthorized users or devices from simply plugging into an available Ethernet port and gaining network access.

DAsk students to use the wireless network

Asking students to use the wireless network is an administrative policy, not a technical control, and it does not prevent them from attempting to bypass this policy by connecting to wired ports.

Concept tested: 802.1X network access control

Source: https://learn.microsoft.com/en-us/windows-server/networking/technologies/802-1x/802-1x-authentication-overview

Topics

#network access control#802.1X#port security#network segmentation#BYOD

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice