Which mechanism restricts network access to devices with approved MAC addresses by applying an access control list on a switch or access point?

Prepare for the Information Security Principles and Frameworks Test. Enhance your understanding with detailed questions, hints, and explanations. Ace your exam with confidence!

Multiple Choice

Which mechanism restricts network access to devices with approved MAC addresses by applying an access control list on a switch or access point?

Explanation:
Controlling access by allowing only devices with approved hardware addresses is MAC filtering. In this approach, a switch or wireless access point is configured with an access control list that lists permitted MAC addresses; frames from any device whose MAC is not on that list are dropped, so only approved devices can connect. This is a simple, static form of access control that doesn’t involve full authentication. Understanding its limits helps: because it relies on the MAC address in each frame, it can be spoofed by an attacker who changes their device’s MAC, making MAC filtering less secure than authentication-based methods. In contrast, IEEE 802.1X is a port-based authentication framework that requires a client (the supplicant) to prove its identity to an authentication server via an authenticator (the switch or AP), granting access only after successful authentication. The terms supplicant and authenticator describe roles in that process, not the mechanism of filtering by a MAC whitelist.

Controlling access by allowing only devices with approved hardware addresses is MAC filtering. In this approach, a switch or wireless access point is configured with an access control list that lists permitted MAC addresses; frames from any device whose MAC is not on that list are dropped, so only approved devices can connect. This is a simple, static form of access control that doesn’t involve full authentication.

Understanding its limits helps: because it relies on the MAC address in each frame, it can be spoofed by an attacker who changes their device’s MAC, making MAC filtering less secure than authentication-based methods. In contrast, IEEE 802.1X is a port-based authentication framework that requires a client (the supplicant) to prove its identity to an authentication server via an authenticator (the switch or AP), granting access only after successful authentication. The terms supplicant and authenticator describe roles in that process, not the mechanism of filtering by a MAC whitelist.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy