exam questions

Exam SY0-701 All Questions

View all questions & answers for the SY0-701 exam

Exam SY0-701 topic 1 question 473 discussion

Actual exam question from CompTIA's SY0-701
Question #: 473
Topic #: 1
[All SY0-701 Questions]

Which of the following is the best way to prevent an unauthorized user from plugging a laptop into an employee's phone network port and then using tools to scan for database servers?

  • A. MAC filtering
  • B. Segmentation
  • C. Certification
  • D. Isolation
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
1f2b013
Highly Voted 3 months, 1 week ago
Selected Answer: A
MAC filtering is a network access control mechanism that allows or blocks devices based on their Media Access Control (MAC) addresses. By implementing MAC filtering, the network can restrict access to authorized devices only, preventing an unauthorized laptop from connecting and conducting scans, even if it is physically plugged into a network port.
upvoted 7 times
...
CSue
Most Recent 1 month, 2 weeks ago
Selected Answer: C
Certification (i.e., 802.1X or certificate-based authentication) is indeed the most effective way to ensure that unauthorized devices, like a laptop plugged into an employee’s phone port, cannot access the network without proper authentication. 802.1X is a network access control protocol that requires devices to authenticate before gaining network access, preventing unauthorized access even if the device is physically plugged into the port MAC filtering: While this can limit access to devices with specific MAC addresses, it's less secure because MAC addresses can be easily spoofed. However, it's a supplementary measure that could be useful in tandem with other controls like 802.1X.
upvoted 1 times
...
9149f41
1 month, 4 weeks ago
Selected Answer: A
MAC filtering can be done by mobile (based on the mobile device, e.g., an Android phone is usually available) setting or MDM with the company application.
upvoted 1 times
9149f41
1 month, 4 weeks ago
Android: Go to Settings Select "Mobile Hotspot & Tethering" Tap on "Wi-Fi Hotspot" Look for "Allowed Devices" or "MAC Filter" Enable MAC filtering Add allowed device MAC addresses
upvoted 1 times
...
...
rob79
2 months ago
Selected Answer: C
This should be certification, as the attacker can spoof the phones MAC address, by deploying certification with 802.1x there is greater security than MAC filtering.
upvoted 2 times
...
Eracle
2 months, 3 weeks ago
Selected Answer: B
Network segmentation divides the physical network into logical subnets isolated from each other. If an unauthorized user connects to the network port of an employee's phone, he will be within the employee network segment. Because of the segmentation, he will not have direct access to the network segment where the database servers reside. Even if he were to perform a network scan, he would see only the devices in his own segment, not the database servers.
upvoted 2 times
...
jbmac
3 months ago
Selected Answer: B
The correct answer is: B. Segmentation Explanation: Segmentation involves dividing a network into smaller, isolated sub-networks or segments. By segmenting the network, you can control which devices or users have access to specific parts of the network. In this case, segmentation would prevent an unauthorized user from accessing sensitive parts of the network (such as the database servers) even if they plug their laptop into a network port. The unauthorized laptop would be placed on a segment of the network that does not have access to critical resources, thereby preventing scans and unauthorized access.
upvoted 1 times
...
Becccca
3 months ago
Selected Answer: C
Certification (i.e., using 802.1X or certificate-based authentication) is the most effective way to ensure that simply plugging a laptop into a phone port will not grant unauthorized network access. The switch will refuse to pass traffic until the device proves it has valid authentication—effectively stopping casual plug-ins and scans in their tracks.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago