CERTIFIED-IN-CYBERSECURITY Question #506: Real Exam Question with Answer & Explanation

Question

Which of the following BEST describes a security solution that enforces policies on devices attempting to access network resources?

Options

• AGeolocation restrictions
• BTime-based access control
• CPassword history requirements
• DNetwork access control

Explanation

Network access control (NAC) is a security solution that enforces policies on devices attempting to access network resources. In this scenario, the NAC policy could be set to allow access to the corporate cloud storage only from corporate devices (see ISC2 Study Guide, Chapter 4, Module 3). For example, an enterprise network might have a NAC solution that checks the status of a device when it attempts to connect to the network. It would check for up-to-date anti-virus protection, operating system patches, and specific device configurations. If the device does not meet the required security standards, it could be completely denied access to the network, granted limited access, or the user could be given instructions on how to update their device to meet the required security standards. While the remaining options are valid security measures, they do not systematically enforce corporate policies on devices. Time-based access control primarily regulates when users can access network resources, not whether their devices comply with corporate policies. Similarly, geolocation restrictions limit access based on a device's physical location, not whether the device meets security standards. Finally, password history requirements relate to the management of user passwords, ensuring that users change their passwords regularly and do not reuse old passwords.

No community discussion yet for this question.