An organization wants to implement a solution that will verify endpoint security posture before granting network access. The solution should check for up-to-date antivirus, patch levels, and host firewall status before allowing devices to connect to the corporate network. What is the BEST technology to address this requirement?
You selected this option
Virtual Private Network (VPN)
You selected this option
Network segmentation
You selected this option
Intrusion Detection and Prevention System (IDS/IPS)
Network Access Control (NAC) is the correct solution because it specifically addresses the requirement to verify endpoint security posture before allowing network access. NAC solutions perform health checks on connecting devices to ensure they meet security requirements such as having up-to-date antivirus, proper patch levels, and enabled host firewalls. Once verified, NAC systems can dynamically assign appropriate access policies.
VPN would provide secure remote access but lacks the endpoint health verification capabilities described in the requirement. While IDS/IPS can detect and prevent attacks, they don't typically verify endpoint security posture before granting network access. Network segmentation is a valuable security strategy but doesn't inherently include the capability to check endpoint security status before allowing network connections.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Network Access Control (NAC)?
Open an interactive chat with Bash
How do NAC solutions perform health checks on devices?
Open an interactive chat with Bash
Why are VPNs not suitable for endpoint health verification?
Open an interactive chat with Bash
ISC2 CISSP
Communication and Network Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Oh snap!
Loading...
Loading...
Loading...
Information Technology Package Join Premium for Full Access