A threat intelligence team discovered an unauthorized device gaining entry to a protected segment without a challenge. Logs show that this device bypassed policy-based checks, indicating no authentication request was triggered on the switch. Which solution best addresses the cause of the unauthorized entry?
Enable extended authentication negotiations on the trunk interface to enforce credential checks
Implement anomaly detection on the router that connects external traffic
Apply domain blocking rules through authoritative DNS filtering
Rotate and reissue the internal certificate authority credentials
When a switch is not configured to pass extended authentication messages over its interfaces, devices can join the network without being prompted for credentials. Adjusting the trunk interface so it supports 802.1X or other port-based authentication ensures request and response traffic is not dropped. Enabling DNS filtering, reissuing certificates, or monitoring suspicious activity at the edge do not fix the underlying data-link problem that permits access without authentication.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is 802.1X authentication?
Open an interactive chat with Bash
Why is enabling extended authentication on trunk interfaces important?
Open an interactive chat with Bash
How does DNS filtering differ from authentication protocols like 802.1X?