Which two statements about 802.1X authentication on FortiSwitch ports are true? (Choose two answers)

A. All devices connecting to FortiSwitch must support 802.1X authentication.
B. A security policy is used to apply 802.1 authentication on a port.
C. All hosts behind an authenticated port are allowed access after a successful authentication.
D. A local user database must be used to authenticate devices using the 802.1X authentication protocol.

Correct Answer: B,C

Brave-Dump Clients Votes

BC 100%

Comments

Mohamed Shaban 2025-10-04 16:16:27

Selected Answers: B, C

The two true statements about 802.1X authentication on FortiSwitch ports are: (A) All hosts behind an authenticated port are allowed access after successful authentication, and (B) A security policy is used to apply 802.1X authentication on a port. These options are correct because 802.1X allows a single authentication to permit access for all devices on a port, and FortiSwitch utilizes specific security policies to enable and configure this functionality on individual ports.
Here's why the other options are generally false:
(C) A local user database must be used
is false because while a local database can be used, external RADIUS servers are also a common and supported method for authentication.
(D) All devices connecting to FortiSwitch must support 802.1X authentication
is false because FortiSwitch can handle non-802.1X devices through mechanisms like MAC authentication bypass (MAB), often directing them to an onboarding VLAN or a quarantine VLAN.