Comptia Security Plus Mock Test Q46

A company determines a need for additional protection from rogue devices plugging into physical ports around the building. Which of the following provides the highest degree of protection from unauthorized wired network access?

A. Intrusion Prevention Systems
B. MAC filtering
C. Flood guards
D. 802.1x

Correct Answer: D
Section: Network Security

Explanation:
IEEE 802.1x is an IEEE Standard for Port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols and provides an authentication mechanism to wireless devices connecting to a LAN or WLAN.

Incorrect Answers:
A: Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities
for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it.
Plugging a device into the network would not be considered malicious activity so the IPS would not prevent it.

B: MAC filtering is typically used in wireless networks. In computer networking, MAC Filtering (or GUI filtering, or layer 2 address filtering) refers to a security access control method
whereby the 48-bit address assigned to each network card is used to determine access to the network.

C: Flood guards are used to prevent network flooding attacks such as DoS, SYN floods, ping floods etc. They are not used to prevent devices connecting to a network.

References:
http://en.wikipedia.org/wiki/IEEE_802.1X
http://en.wikipedia.org/wiki/MAC_filtering
http://en.wikipedia.org/wiki/Intrusion_prevention_system