In a Windows Active Directory environment, which Windows Server technology can evaluate a computer's health status-such as whether critical Windows Updates are installed-and restrict or quarantine the computer's network access until it becomes compliant?
Network Access Protection (NAP) works with a Network Policy Server (NPS) to check the health state of a client when it tries to connect to the network. If the client does not meet the defined health requirements (for example, missing security patches), NAP can place the computer on a restricted network or block access completely until the required updates are installed and the client re-evaluates as compliant. Group Policy, WSUS, and Organizational Units are management tools or containers-they can deploy settings or updates but they do not automatically quarantine out-of-date systems.
Sources:
Microsoft Learn: "Network Access Protection… restricting the access of the network client until health policy requirements have been met"
Wikipedia: "With NAP, administrators can define policies … Computers … can be restricted or denied network access if they are not in compliance"
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Group Policy in Active Directory?
Open an interactive chat with Bash
How does Group Policy enforce updates in a Windows environment?
Open an interactive chat with Bash
What types of settings can be configured using Group Policy?