Which of the following options is a functionality or tool that disallows access to a wireless network based on the layer 2 address of the client device?
ACL
Split tunnel VPN
MAC address filtering
WPA2
Layer 2 addresses (also called physical address) are MAC addresses. Using MAC filtering you can disallow any devices that are not explicitly granted access. While this can help increase security, it is not fool proof and advanced attackers can easily spoof the MAC address to gain access. MAC filtering alone is not sufficient to protect a network.
In computer networking, MAC address filtering is a security access control method whereby the MAC address assigned to each network interface controller is used to determine access to the network. MAC addresses are uniquely assigned to each card, so using MAC filtering on a network permits and denies network access to specific devices through the use of blacklists and whitelists. While the restriction of network access through the use of lists is straightforward, an individual person is not identified by a MAC address, rather a device only, so an authorized person will need to have a whitelist entry for each device that they would like to access the network. While giving a network some additional protection, MAC filtering can be circumvented by using a packet analyzer to find a valid MAC and then using MAC spoofing to access the network using that address. MAC address filtering can be considered as security through obscurity because the effectiveness is based on "the secrecy of the implementation or its components".
MAC_filtering - Wikipedia, the free encyclopediaJoin premium for unlimited access and more features
