Which of the following is the best way to prevent an unauthorized user from plugging a laptop into an employee's phone network port and then using tools to scan for database servers?
MAC filtering is a network access control mechanism that allows or blocks devices based on their Media Access Control (MAC) addresses. By implementing MAC filtering, the network can restrict access to authorized devices only, preventing an unauthorized laptop from connecting and conducting scans, even if it is physically plugged into a network port.
Certification (i.e., 802.1X or certificate-based authentication) is indeed the most effective way to ensure that unauthorized devices, like a laptop plugged into an employee’s phone port, cannot access the network without proper authentication. 802.1X is a network access control protocol that requires devices to authenticate before gaining network access, preventing unauthorized access even if the device is physically plugged into the port
MAC filtering: While this can limit access to devices with specific MAC addresses, it's less secure because MAC addresses can be easily spoofed. However, it's a supplementary measure that could be useful in tandem with other controls like 802.1X.
MAC filtering can be done by mobile (based on the mobile device, e.g., an Android phone is usually available) setting or MDM with the company application.
Android:
Go to Settings
Select "Mobile Hotspot & Tethering"
Tap on "Wi-Fi Hotspot"
Look for "Allowed Devices" or "MAC Filter"
Enable MAC filtering
Add allowed device MAC addresses
This should be certification, as the attacker can spoof the phones MAC address, by deploying certification with 802.1x there is greater security than MAC filtering.
Network segmentation divides the physical network into logical subnets isolated from each other. If an unauthorized user connects to the network port of an employee's phone, he will be within the employee network segment. Because of the segmentation, he will not have direct access to the network segment where the database servers reside. Even if he were to perform a network scan, he would see only the devices in his own segment, not the database servers.
The correct answer is:
B. Segmentation
Explanation:
Segmentation involves dividing a network into smaller, isolated sub-networks or segments. By segmenting the network, you can control which devices or users have access to specific parts of the network. In this case, segmentation would prevent an unauthorized user from accessing sensitive parts of the network (such as the database servers) even if they plug their laptop into a network port. The unauthorized laptop would be placed on a segment of the network that does not have access to critical resources, thereby preventing scans and unauthorized access.
Certification (i.e., using 802.1X or certificate-based authentication) is the most effective way to ensure that simply plugging a laptop into a phone port will not grant unauthorized network access. The switch will refuse to pass traffic until the device proves it has valid authentication—effectively stopping casual plug-ins and scans in their tracks.
upvoted 2 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
1f2b013
Highly Voted 3Â months, 1Â week agoCSue
Most Recent 1Â month, 2Â weeks ago9149f41
1Â month, 4Â weeks ago9149f41
1Â month, 4Â weeks agorob79
2Â months agoEracle
2Â months, 3Â weeks agojbmac
3Â months agoBecccca
3Â months ago