Refer to the exhibit. How will interface FastEthernnet0/1 respond when an 802.1x-enabled client connects to the port?
A.
The switch will uniquely authorize the client by using the client MAC address.
B.
The switch will cause the port to remain in the unauthorized state, ignoring all attempts by the client to authenticate.
C.
The switch port will disable 802.1x port-based authentication and cause the port to transition to the authorized state without any further authentication exchange.
D.
The switch port will enable 802.1x port-based authentication and begin relaying authentication messages between the client and the authentication server.
Explanation:
The IEEE 802.1x standard defines a port-based access control and authentication protocol that restricts unauthorized workstations from connecting to a LAN through publicly accessible switch ports. The authentication server authenticates each workstation that is connected to a switch port before making available any services offered by the switch or the LAN. Until the workstation is authenticated, 802.1x access control allows only Extensible Authentication Protocol over LAN (EAPOL) traffic through the port to which the workstation is connected. After authentication succeeds, normal traffic can pass through the port. You control the port authorization state by using the dot1x port-control interface configuration command and these keywords:
force-authorized:
Disables 802.1x port-based authentication and causes the port to transition to the authorized state without any authentication exchange required. The port transmits and receives normal traffic without 802.1x-based authentication of the client. This is the default setting.
force-unauthorized: Causes the port to remain in the unauthorized state, ignoring all attempts by the client to authenticate. The switch cannot provide authentication services to the client through the interface.
auto: Enables 802.1x port-based authentication and causes the port to begin in the unauthorized state, allowing only EAPOL frames to be sent and received through the port. The authentication process begins when the link state of the port transitions from down to up (authenticator initiation) or when an EAPOL-start frame is received (supplicant initiation). The switch requests the identity of the client and begins relaying authentication messages between the client and the authentication server. The switch uniquely identifies each client attempting to access the network by using the client MAC address.
Example:
Answer C is partially right. Since 802.1x has not been enabled on the switch there is nothing to disable 😉