312-50V13 · Question #67
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Etherne
The correct answer is C. Use the 802.1x protocol. To prevent unauthorized devices, like student notebooks, from gaining network access via wired Ethernet ports, a robust authentication mechanism is required before network connectivity is granted. The 802.1X protocol provides port-based network access control, authenticating devi
Question
Options
- ADisable unused ports in the switches
- BSeparate students in a different VLAN
- CUse the 802.1x protocol
- DAsk students to use the wireless network
How the community answered
(54 responses)- A4% (2)
- B9% (5)
- C81% (44)
- D6% (3)
Why each option
To prevent unauthorized devices, like student notebooks, from gaining network access via wired Ethernet ports, a robust authentication mechanism is required before network connectivity is granted. The 802.1X protocol provides port-based network access control, authenticating devices attempting to connect to a switch port before allowing them onto the network.
Disabling unused ports in switches is a good security practice to reduce the attack surface, but it does not prevent unauthorized access on ports that must remain enabled for legitimate users.
Separating students into a different VLAN might segment network traffic, but it does not prevent unauthorized devices from connecting to a wired port that belongs to a different, potentially more privileged, VLAN.
The 802.1X protocol provides port-based network access control, requiring devices to authenticate themselves to an authentication server (like RADIUS) before being granted access to the network through a switch port. This prevents unauthorized users or devices from simply plugging into an available Ethernet port and gaining network access.
Asking students to use the wireless network is an administrative policy, not a technical control, and it does not prevent them from attempting to bypass this policy by connecting to wired ports.
Concept tested: 802.1X network access control
Source: https://learn.microsoft.com/en-us/windows-server/networking/technologies/802-1x/802-1x-authentication-overview
Topics
Community Discussion
No community discussion yet for this question.