Unauthorized host on prod VLAN — 802.1X bypass via printer MAC spoofing
A medium Cyber × Network Fusion scenario on NAC Bypass + Pivot.
Start a graded attempt against this scenario. Your response is scored by the same deterministic rubric used across the catalog. Email and evidence content stay hidden until you start.
Launches this exact scenario. One of 3 templates in this Track + Difficulty pool.
catalog id · fusion-nac-bypass-pivot
What this scenario practices, mapped to recognized frameworks.
Educational mapping only. Not a compliance attestation.
- NAC-edge triage discipline
- Edge-to-internal scoping workflow
- Valid Accounts · Initial AccessT1078 · TA0001MappedHigh confidence
Trains triage when NAC-binding posture is circumvented.
- Remote Services · Lateral MovementT1021 · TA0008MappedMedium confidence
Trains internal scoping after NAC bypass.
- Network Traffic AnalysisD3-NTAMappedHigh confidence
Trains east-west visibility for unexpected access patterns.
- User Account PermissionsD3-UAPMappedMedium confidence
Trains the permission-scoping discipline.
- Access Control · ProtectPR.AC · PRMappedHigh confidence
Trains the access-control baseline at the edge.
- Continuous Monitoring · DetectDE.CM · DEMappedHigh confidence
Trains the monitoring baseline.
- IR lifecycle phaseDetection & AnalysisMappedHigh confidence
Trains NAC-bypass triage discipline.
- IR lifecycle phaseContainment, Eradication & RecoveryMappedHigh confidence
Trains port-level containment and isolation workflow.
- Asset Inventory1.AMappedHigh confidence
Trains the asset-inventory baseline.
- Document Network Topology2.MMappedHigh confidence
Trains the topology baseline.
- Inventory and Control of Enterprise AssetsControl 1MappedHigh confidence
Trains the asset-inventory control.
- Access Control ManagementControl 6MappedHigh confidence
Trains the access-management control.