nerdexam
(ISC)2

CISSP · Question #1436

In an environment where there is not full administrative control over all network connected endpoints, such as a university where non-corporate devices are used, what is the BEST way to restrict acces

The correct answer is D. Use a clientless Network Access Control (NAC) solution. The best way to restrict access to the network in an environment where there is not full administrative control over all network connected endpoints, such as a university where non- corporate devices are used, is to use a clientless Network Access Control (NAC) solution. A client

Submitted by kev92· Mar 5, 2026Communication and Network Security

Question

In an environment where there is not full administrative control over all network connected endpoints, such as a university where non-corporate devices are used, what is the BEST way to restrict access to the network?

Options

  • AUse switch port security to limit devices connected to a particular switch port.
  • BUse of virtual local area networks (VLAN) to segregate users.
  • CUse a client-based Network Access Control (NAC) solution.
  • DUse a clientless Network Access Control (NAC) solution

How the community answered

(28 responses)
  • A
    7% (2)
  • B
    4% (1)
  • C
    18% (5)
  • D
    71% (20)

Explanation

The best way to restrict access to the network in an environment where there is not full administrative control over all network connected endpoints, such as a university where non- corporate devices are used, is to use a clientless Network Access Control (NAC) solution. A clientless NAC solution is a type of NAC solution that does not require the installation or configuration of any software or agent on the endpoints that connect to the network. A clientless NAC solution can enforce the network access policies and rules based on the attributes or characteristics of the endpoints, such as device type, operating system, IP address, MAC address, or user identity. A clientless NAC solution can also perform the network access authentication and authorization, and the network health and compliance checks, without relying on the endpoint cooperation or compliance. A clientless NAC solution is suitable for an environment where there is not full administrative control over all network connected endpoints, such as a university where non- corporate devices are used, because it can provide a consistent and centralized network access control, regardless of the endpoint ownership, configuration, or

Topics

#NAC#clientless NAC#network access control#BYOD security

Community Discussion

No community discussion yet for this question.

Full CISSP Practice