ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
Your organization is rolling out a secure Wi-Fi network that must admit both company-owned laptops managed by EDR software and unmanaged BYOD smartphones. The security team wants to verify antivirus status, OS patch level, and disk encryption on corporate laptops before granting full access, while allowing guest devices Internet-only access with minimal onboarding friction. Which NAC approach best satisfies these requirements?
Implement a hybrid NAC solution that installs a persistent agent on corporate laptops for deep posture checks and relies on agentless profiling or captive portal enforcement for BYOD smartphones.
Require a dissolvable (temporary) agent to download to each device at login, perform checks, then remove itself after a few hours.
Deploy a persistent agent on every connecting device so the NAC system can run continuous posture assessments before any access is granted.
Use an agentless NAC solution exclusively, relying on DHCP or SNMP interrogation to determine compliance for all endpoints.
A persistent agent is the only NAC technique that can continuously read deep host posture details such as running antivirus, patch level, and disk-encryption settings on corporate laptops. Because unmanaged smartphones cannot be expected to install software, an agentless technique that profiles the device through DHCP fingerprinting or captive portal is preferred for them. A hybrid deployment-persistent agent for managed assets and agentless profiling for unmanaged BYOD-meets both goals. Using a persistent or dissolvable agent on every device would block or frustrate guest smartphones, while a purely agentless design could not collect the detailed security posture needed on the company laptops.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a NAC (Network Access Control) system?
Open an interactive chat with Bash
What is the difference between a persistent agent and a dissolvable agent in NAC systems?
Open an interactive chat with Bash
How does agentless profiling work in a NAC solution?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Network and Communication Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .