CompTIA Security+ (SY0-401) — Question 24

A company determines a need for additional protection from rogue devices plugging into physical ports around the building.
Which of the following provides the highest degree of protection from unauthorized wired network access?

Answer options

• A. Intrusion Prevention Systems
• B. MAC filtering
• C. Flood guards
• D. 802.1x

Correct answer: D

Explanation

The correct answer is 802.1x, as it enforces port-based network access control, requiring devices to authenticate before being granted access to the network. While Intrusion Prevention Systems can detect and prevent attacks, they do not specifically restrict access at the port level. MAC filtering allows only pre-approved MAC addresses but can be easily spoofed, and flood guards primarily protect against denial-of-service attacks rather than unauthorized access.