CompTIA Security+ (SY0-501) — Question 961

A network administrator at a large organization is reviewing methods to improve the security of the wired LAN. Any security improvement must be centrally managed and allow corporate-owned devices to have access to the intranet but limit others to Internet access only. Which of the following should the administrator recommend?

Answer options

• A. 802.1X utilizing the current PKI infrastructure
• B. SSO to authenticate corporate users
• C. MAC address filtering with ACLs on the router
• D. PAM for users account management

Correct answer: A

Explanation

The correct answer is A because 802.1X provides a centralized authentication method that allows corporate devices access to the network while controlling access for others. Options B, C, and D do not offer the same level of control over network access or centralized management as 802.1X does.