nerdexam
(ISC)2

CISSP · Question #692

Which of the following provides the MOST secure method for Network Access Control (NAC)?

The correct answer is B. 802.1X authentication. 802.1X is the industry-standard protocol for port-based Network Access Control, providing strong authentication before granting network access. It is far more secure than other listed options because it requires credential verification through an authentication server.

Submitted by yuki_2020· Mar 5, 2026Communication and Network Security

Question

Which of the following provides the MOST secure method for Network Access Control (NAC)?

Options

  • AMedia Access Control (MAC) filtering
  • B802.1X authentication
  • CApplication layer filtering
  • DNetwork Address Translation (NAT)

How the community answered

(18 responses)
  • B
    94% (17)
  • D
    6% (1)

Why each option

802.1X is the industry-standard protocol for port-based Network Access Control, providing strong authentication before granting network access. It is far more secure than other listed options because it requires credential verification through an authentication server.

AMedia Access Control (MAC) filtering

MAC filtering is easily bypassed because MAC addresses are visible in unencrypted network traffic and can be spoofed by an attacker using readily available tools, providing only superficial security.

B802.1X authenticationCorrect

802.1X is a port-based NAC standard that requires devices to authenticate via an authentication server (typically RADIUS) using EAP before being granted network access. It validates identity through credentials, certificates, or tokens, making it extremely difficult to bypass compared to identifier-based methods. This ensures only authorized users and devices gain network access, making it the gold standard for NAC security.

CApplication layer filtering

Application layer filtering is a firewall/proxy technique used to inspect and control traffic content after network access is already granted, not a mechanism for controlling initial network admission.

DNetwork Address Translation (NAT)

Network Address Translation (NAT) is a technique for mapping private IP addresses to public ones to conserve address space and provide basic obscurity, but it does not authenticate or authorize devices seeking network access.

Concept tested: 802.1X port-based Network Access Control authentication

Source: https://learn.microsoft.com/en-us/windows-server/networking/technologies/nap/network-access-protection

Topics

#network access control#802.1X#network security

Community Discussion

No community discussion yet for this question.

Full CISSP Practice