N10-009 Question #234: Real Exam Question with Answer & Explanation

Question

A company is implementing a policy that will not allow employees to bring personal devices to the office and connect to the wireless network. Which of the following is the best way to enforce this policy?

Options

• AMAC filtering
• B802.1X
• CPort security
• DACL

Explanation

The best way to enforce a policy preventing personal devices from connecting to a wireless network is 802.1X, which provides robust, centralized authentication before granting network access.

Common mistakes.

• A. MAC filtering is easily bypassed by MAC address spoofing and becomes cumbersome to manage in environments with many devices, making it a weak and ineffective solution for robust policy enforcement.
• C. Port security is primarily used for wired network ports to limit or restrict which MAC addresses can connect to a specific switch port, and while it offers some control, it's less suited for comprehensive wireless network access control compared to 802.1X.
• D. ACLs (Access Control Lists) are used to filter traffic based on criteria like IP address or port numbers once a device is already connected to the network; they do not control initial access or authentication to the network itself.

Concept tested. Network access control (NAC)

Reference. https://learn.microsoft.com/en-us/windows-server/networking/technologies/nps/nps-802-1x-wireless-access-point-deployment

No community discussion yet for this question.