Cisco
352-001 · Question #388
352-001 Question #388: Real Exam Question with Answer & Explanation
The correct answer is C: the potential of MAC address spoofing. MAC Authentication Bypass (MAB) uses the device MAC address as the sole credential, making MAC address spoofing the primary security concern because an attacker can clone an authorized device's MAC to gain network access.
Question
You are designing an IEEE 802.1X solution for a customer, where the network supports a large number of IP phones and printers. You plan to configure MAC address bypass for the phones and printers. What is your primary design and security concern?
Options
- Athe additional AAA traffic on the network
- Bthe placement of the AAA server
- Cthe potential of MAC address spoofing
- Dthe scaling of the MAC address database
Explanation
MAC Authentication Bypass (MAB) uses the device MAC address as the sole credential, making MAC address spoofing the primary security concern because an attacker can clone an authorized device's MAC to gain network access.
Common mistakes.
- A. Additional AAA RADIUS traffic is a general scalability concern for any 802.1X deployment and is not specific to the security risk introduced by using MAB for phones and printers.
- B. AAA server placement is an architectural redundancy and latency concern that applies to all 802.1X designs, not a unique security risk posed by MAB specifically.
- D. Scaling the MAC address database is an operational concern related to managing authorized endpoints, but it does not represent a security vulnerability inherent to the MAB authentication method.
Concept tested. 802.1X MAC Authentication Bypass security risks
Community Discussion
No community discussion yet for this question.