nerdexam
Cisco

350-401 · Question #446

Refer to the exhibit. Which single security feature is recommended to provide Network Access Control m the enterprise?

The correct answer is B. 802.1X. 802.1X for Network Access Control 802.1X is the industry-standard, recommended solution for Network Access Control (NAC) in enterprise environments because it provides robust, identity-based authentication using the EAP (Extensible Authentication Protocol) framework, integrating

Submitted by priya_blr· Mar 6, 2026Security

Question

Refer to the exhibit. Which single security feature is recommended to provide Network Access Control m the enterprise?

Exhibits

350-401 question #446 exhibit 1
350-401 question #446 exhibit 2

Options

  • AMAB
  • B802.1X
  • CWebAuth
  • Dport security sticky MAC

How the community answered

(38 responses)
  • A
    3% (1)
  • B
    89% (34)
  • C
    5% (2)
  • D
    3% (1)

Explanation

802.1X for Network Access Control

802.1X is the industry-standard, recommended solution for Network Access Control (NAC) in enterprise environments because it provides robust, identity-based authentication using the EAP (Extensible Authentication Protocol) framework, integrating with RADIUS servers to dynamically authorize users and devices before granting network access.

Why the distractors are wrong:

  • MAB (MAC Authentication Bypass) is a fallback mechanism used only when a device cannot support 802.1X - it relies on MAC addresses, which can be easily spoofed, making it insufficient as a standalone enterprise solution.
  • WebAuth (Web Authentication) is typically used as a last-resort method (e.g., for guest access) and requires HTTP/HTTPS interaction, making it impractical for automated enterprise NAC.
  • Port Security Sticky MAC simply locks a port to a learned MAC address - it has no real authentication mechanism and offers no identity-based access control, making it unsuitable for scalable enterprise NAC.

Memory Tip: Think "802.1X = Enterprise eXcellence" - it's the only option that uses true identity-based authentication with a RADIUS backend, which is the hallmark of enterprise-grade NAC. If a question mentions enterprise + NAC, 802.1X is almost always the answer.

Topics

#Network Access Control#802.1X#Port-based Authentication

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice