A company determines a need for additional protection from rogue devices plugging into physical ports
around the building.
Which of the following provides the highest degree of protection from unauthorized wired network
access?
A.
Intrusion Prevention Systems
B.
MAC filtering
C.
Flood guards
D.
802.1x
Explanation:
IEEE 802.1x is an IEEE Standard for Port-based Network Access Control (PNAC). It is part of the IEEE 802.1
group of networking protocols and provides an authentication mechanism to wireless devices connecting
to a LAN or WLAN.
Incorrect Answers:
A: Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS),
are network security appliances that monitor network and/or system activities for malicious activity. Themain functions of intrusion prevention systems are to identify malicious activity, log information about
this activity, attempt to block/stop it, and report it. Plugging a device into the network would not be
considered malicious activity so the IPS would not prevent it.
B: MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI
filtering, or layer 2 address filtering) refers to a security access control method whereby the 48-bit
address assigned to each network card is used to determine access to the network.
C: Flood guards are used to prevent network flooding attacks such as DoS, SYN floods, ping floods etc.
They are not used to prevent devices connecting to a network.http://en.wikipedia.org/wiki/IEEE_802.1X
http://en.wikipedia.org/wiki/MAC_filtering
http://en.wikipedia.org/wiki/Intrusion_prevention_system