nerdexam
ExamsSY0-301Questions#527
CompTIA

SY0-301 · Question #527

SY0-301 Question #527: Real Exam Question with Answer & Explanation

The correct answer is D: 802.1x. IEEE 802.1x is a port-based Network Access Control (NAC) standard that requires any device connecting to a network switch port to authenticate (typically via EAP/RADIUS) before being granted network access. A rogue device that plugs into a wall jack will be placed in a restricted

Question

A company determines a need for additional protection from rogue devices plugging into physical ports around the building. Which of the following provides the highest degree of protection from unauthorized wired network access?

Options

  • AIntrusion Prevention Systems
  • BMAC filtering
  • CFlood guards
  • D802.1x

Explanation

IEEE 802.1x is a port-based Network Access Control (NAC) standard that requires any device connecting to a network switch port to authenticate (typically via EAP/RADIUS) before being granted network access. A rogue device that plugs into a wall jack will be placed in a restricted VLAN or denied access entirely until it presents valid credentials. MAC filtering (B) can be easily bypassed by spoofing a known MAC address. IPS (A) and flood guards (C) detect or mitigate attacks on the network but do not prevent the initial unauthorized connection. 802.1x is specifically designed to solve the physical-port unauthorized-access problem.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full SY0-301 Practice