Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) — Question 313

What is a characteristic of MACsec?

Answer options

• A. 802.1AE is built between the host and switch using the MKA protocol, which negotiates encryption keys based on the primary session key from a successful 802.1X session.
• B. 802.1AE is negotiated using Cisco AnyConnect NAM and the SAP protocol.
• C. 802.1AE is built between the host and switch using the MKA protocol using keys generated via the Diffie-Hellman algorithm (anonymous encryption mode).
• D. 802.1AE provides encryption and authentication services.

Correct answer: A

Explanation

The correct answer is A because it accurately describes the establishment of MACsec using the MKA protocol and its reliance on encryption keys from 802.1X sessions. Option B is incorrect as it inaccurately states the negotiation method for 802.1AE. Option C is also wrong because it misrepresents the key generation process, and D, while true, does not specifically characterize MACsec's operation.