An organization plans to deploy a solution that will verify endpoint security posture before granting network access. The chosen technology should actively check for up-to-date antivirus software, current patch levels, and an enabled host firewall before allowing any devices to connect to the secure corporate network. Which technology BEST meets this requirement?
Network Access Control (NAC)
Virtual Private Network (VPN)
Network segmentation
Intrusion Detection and Prevention System (IDS/IPS)
Network Access Control (NAC) is the appropriate solution because it can enforce endpoint health policies at the time a device attempts to join the network. Modern NAC platforms (for example, Cisco ISE or Aruba ClearPass) perform posture assessment by verifying antivirus currency, operating-system patch level, and host firewall status. Only devices that pass these checks are granted normal network access; noncompliant endpoints can be quarantined or remediated.
A virtual private network (VPN) primarily provides encrypted remote connectivity. While some vendors add optional posture plug-ins, standard VPN functionality alone does not evaluate endpoint health before access. IDS/IPS products monitor or block malicious traffic after it enters the network rather than vetting a device beforehand. Network segmentation restricts traffic flows once a device is connected but likewise does not assess endpoint security posture at admission time.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
How does NAC enforce endpoint health checks?
Open an interactive chat with Bash
How is NAC different from VPN in terms of functionality?
Open an interactive chat with Bash
What role does 802.1X play in NAC solutions?
Open an interactive chat with Bash
ISC2 CISSP
Communication and Network Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .