PrepAway - Latest Free Exam Questions & Answers

How will interface FastEthernnet0/1 respond when an 802.1x-enabled client connects to the port?

Refer to the exhibit. How will interface FastEthernnet0/1 respond when an 802.1x-enabled
client connects to the port?

PrepAway - Latest Free Exam Questions & Answers

A.
The switch will uniquely authorize the client by using the client MAC address.

B.
The switch will cause the port to remain in the unauthorized state, ignoring all attempts by
the client to authenticate.

C.
The switch port will disable 802.1x port-based authentication and cause the port to
transition to the authorized state without any further authentication exchange.

D.
The switch port will enable 802.1x port-based authentication and begin relaying
authentication messages between the client and the authentication server.

Explanation:

The IEEE 802.1x standard defines a port-based access control and authentication protocol
that restricts unauthorized workstations from connecting to a LAN through publicly
accessible switch ports. The authentication server authenticates each workstation that is
connected to a switch port before making available any services offered by the switch or the
LAN. Until the workstation is authenticated, 802.1x access control allows only Extensible
Authentication Protocol over LAN (EAPOL) traffic through the port to which the workstation is
connected. After authentication succeeds, normal traffic can pass through the port.
You control the port authorization state by using the dot1x port-control interface configuration
command and these keywords:
force-authorized: Disables 802.1x port-based authentication and causes the port to transition
to the authorized state without any authentication exchange required. The port transmits and
receives normal traffic without 802.1x-based authentication of the client. This is the default
setting.
force-unauthorized: Causes the port to remain in the unauthorized state, ignoring all
attempts by the client to authenticate. The switch cannot provide authentication services to
the client through the interface.
auto: Enables 802.1x port-based authentication and causes the port to begin in the
unauthorized state, allowing only EAPOL frames to be sent and received through the port.
The authentication process begins when the link state of the port transitions from down to up
(authenticator initiation) or when an EAPOL-start frame is received (supplicant initiation).
The switch requests the identity of the client and begins relaying authentication messages
between the client and the authentication server. The switch uniquely identifies each client
attempting to access the network by using the client MAC address.
Example:


Leave a Reply