You have configured a guest VLAN using 802.1X on a Cisco Catalyst switch. A client incapable of
using 802.1X has accessed the port and has been assigned to the guest VLAN. What happens
when a client capable of using 802.1Xjoins the network on the same port?

A.
The client capable of using 802.1X is allowed access and proper security policies are applied to
the client.

B.
EAPOL packets will not be allowed on the guest VLAN and the access attempt with fail.

C.
The port is put into the unauthorized state in the user-configured access VLAN, and
authentication is restarted.

D.
This is considered a security breach by the authentication server and all users on the access
port will be placed into the restricted VLAN.

Explanation:
Usage Guidelines for Using Authentication Failed VLAN Assignment
When an authentication failed port is moved to an unauthorized state the authentication process is
restarted. If you should fail the authentication process again the authenticator waits in the held

state. After you have correctly reauthenticated all 802.1x ports are reinitialized and treated as
normal 802.1x ports.
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sga/configuration/guide/dot1x.
html#wp1198927