What should Bob do to prevent unauthorized student access to the wired network?

Boost your skills for the EC-Council Certified Ethical Hacker v13 Exam. Use flashcards and multiple choice questions to prepare effectively. Each question includes hints and explanations. Get exam-ready now!

Multiple Choice

What should Bob do to prevent unauthorized student access to the wired network?

Explanation:
The concept being tested is controlling access to a wired network at the point of entry through port-based authentication. 802.1X creates a guard on each switch port: the device attempting to connect (the supplicant) must be authenticated by an authentication server (usually via RADIUS) before that port is allowed to carry traffic. Until authentication succeeds, the port remains in a restricted state, blocking normal access. This means only devices and users that prove their identity can join the network, which is exactly what’s needed to prevent unauthorized students from plugging in. Why this is the best choice: it provides active validation of who or what is connecting, scales well in environments with many users and devices, and can enforce policies like placing unauthenticated devices in a restricted VLAN or blocking them entirely until credentials or certificates are verified. It’s specifically designed for wired access control and reduces the risk of rogue devices gaining network access, compared to approaches that don’t verify identity. Why the others aren’t as effective: disabling all switch ports is impractical and disruptive for legitimate users; MAC address filtering can be defeated by spoofing and doesn’t authenticate the user or device; static IP addressing doesn’t verify identity or prevent new devices from connecting once a link is established.

The concept being tested is controlling access to a wired network at the point of entry through port-based authentication. 802.1X creates a guard on each switch port: the device attempting to connect (the supplicant) must be authenticated by an authentication server (usually via RADIUS) before that port is allowed to carry traffic. Until authentication succeeds, the port remains in a restricted state, blocking normal access. This means only devices and users that prove their identity can join the network, which is exactly what’s needed to prevent unauthorized students from plugging in.

Why this is the best choice: it provides active validation of who or what is connecting, scales well in environments with many users and devices, and can enforce policies like placing unauthenticated devices in a restricted VLAN or blocking them entirely until credentials or certificates are verified. It’s specifically designed for wired access control and reduces the risk of rogue devices gaining network access, compared to approaches that don’t verify identity.

Why the others aren’t as effective: disabling all switch ports is impractical and disruptive for legitimate users; MAC address filtering can be defeated by spoofing and doesn’t authenticate the user or device; static IP addressing doesn’t verify identity or prevent new devices from connecting once a link is established.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy