Typically, any mature NAC deployment in a corporation would be able to identify any new elements (devices) added to the network. During a red teaming exercise or internal penetration testing, an attacker typically adds a device to a network such as pwnexpress NAC and bypasses the restrictions set by the NAC by running Kali Linux on the device and maintain shell access to the added device.

In the Bypassing MAC address authentication and open authentication section of Chapter 6, Wireless Attacks, we saw how to bypass MAC address authentication and allow our system to admit the network through macchanger.