Implementing Cisco Secure Access Solutions (SISAS, legacy) — Question 4

Cisco 802.1X phasing enables flexible deployments through the use of open, low-impact, and closed modes. What is a unique characteristic of the most secure mode?

Answer options

• A. Granular ACLs applied prior to authentication
• B. Per user dACLs applied after successful authentication
• C. Only EAPoL traffic allowed prior to authentication
• D. Adjustable 802.1X timers to enable successful authentication

Correct answer: C

Explanation

The most secure mode allows only EAPoL traffic before authentication, which minimizes potential security risks by blocking all other traffic until the user is authenticated. Other options involve policies or configurations that either don't specifically restrict traffic before authentication or apply after successful authentication, thus not enhancing the security in the same manner.