CISSP · Question #692
CISSP Question #692: Real Exam Question with Answer & Explanation
The correct answer is B: 802.1X authentication. 802.1X is the industry-standard protocol for port-based Network Access Control, providing strong authentication before granting network access. It is far more secure than other listed options because it requires credential verification through an authentication server.
Question
Which of the following provides the MOST secure method for Network Access Control (NAC)?
Options
- AMedia Access Control (MAC) filtering
- B802.1X authentication
- CApplication layer filtering
- DNetwork Address Translation (NAT)
Explanation
802.1X is the industry-standard protocol for port-based Network Access Control, providing strong authentication before granting network access. It is far more secure than other listed options because it requires credential verification through an authentication server.
Common mistakes.
- A. MAC filtering is easily bypassed because MAC addresses are visible in unencrypted network traffic and can be spoofed by an attacker using readily available tools, providing only superficial security.
- C. Application layer filtering is a firewall/proxy technique used to inspect and control traffic content after network access is already granted, not a mechanism for controlling initial network admission.
- D. Network Address Translation (NAT) is a technique for mapping private IP addresses to public ones to conserve address space and provide basic obscurity, but it does not authenticate or authorize devices seeking network access.
Concept tested. 802.1X port-based Network Access Control authentication
Topics
Community Discussion
No community discussion yet for this question.