What is the benefit of using Network Admission Control (NAC)?
What is the benefit of using Network Admission Control (NAC)?
NAC supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state. It ensures that devices comply with security policies such as having up-to-date antivirus software, necessary patches, and other security configurations before granting access to the network. This prevents unauthorized or non-compliant devices from jeopardizing network security.
I think both B and C have some good qualities, but I ma going with B. NAC validates that the posture or state of endpoint devices complies with security policies before the devices can access protected areas of the network. For devices that comply with the security policies, NAC allows access to protected services in the network. For devices that do not comply with security policies, NAC allows access to the network only for remediation, when the posture of the device is checked again.
B is correct
going for B
NAC is a generic term for a solution that selectively grants network access to devices based on one or more criteria. Those criteria could be based on authentication (only authorized users are granted access to the network), security posture (only devices with up-to-date operating systems and antivirus software can connect), or any number of other criteria (device manufacturer, employee access level, etc).
B includes C and D. NACs can do all of those things. Such as checking for a supported OS. You don't want Win XP/Vista/7 on your network period.
Nah, C is a authentication server, think Microsoft NPS, Cisco ISE, FortiAuthenticator. A NAC is all about ensuring devices meet a base level of compliance before gaining access to the network. Cisco ISE, for example, has RADIUS and TACAC functionality for Certificate/Password based authentication, and it also has a NAC function (requires Advantage/Premier Licensing) which enables it to determine the devices posture, which it can then use as part of its authentication and authorization processes. It's B.
C is included within B, hence B is the better answer. I.e. we can stipulate certificates and passwords as compliance conditions when checking endpoints security posture. From rdy4u below ""Network access control (NAC)", also known as "Network Admission Control", is the process of restricting unauthorized users and devices from gaining access to a corporate or private network. NAC ensures that only users who are authenticated and devices that are authorized and compliant with security policies can enter the network. https://www.fortinet.com/resources/cyberglossary/what-is-network-access-control"
Page 667 CISSP all in one 9th edition
B. NAC supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state.
The benefit of using Network Admission Control (NAC) is that it supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state. This means that devices attempting to access the network can be checked for compliance with security policies, such as up-to-date antivirus software or the presence of required security settings, before being granted access. This can help prevent the spread of malware and other security threats across the network.
B. NAC supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state. Network Admission Control (NAC) allows organizations to assess and validate the security posture of endpoints (such as computers or devices) before granting them access to the network. It checks for compliance with security policies, up-to-date antivirus software, operating system patches, and other security requirements. Once the endpoint's security posture is verified and meets the criteria set by the organization, it is allowed to enter an authorized state and gain network access.
Answer B) NAC supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state.
"Network access control (NAC)", also known as "Network Admission Control", is the process of restricting unauthorized users and devices from gaining access to a corporate or private network. NAC ensures that only users who are authenticated and devices that are authorized and compliant with security policies can enter the network. https://www.fortinet.com/resources/cyberglossary/what-is-network-access-control
B: https://www.cisco.com/c/en/us/products/security/what-is-network-access-control-nac.html
Excluding A and D. Option B seems not true to me, because NAC does security posture scan before authenticate the machine (not before authorize it). I vote for C.
https://docs.genians.com/release/en/intro.html; NAC can require the use of certificates, passwords, or a combination of both before allowing network admission. It doesn't just provide access for 'endpoints' to web apps stated so if we take that answer literally as written - it's not as correct as the only correct answer which is " NAC can require the use of certificates, passwords, or a combination of both before allowing network admission.'
Benefit vs benefits. B is better in these context.
question needs. the word PRIMARY benefit. not just benefit. Answer is B.