nerdexam
(ISC)2

CISSP · Question #465

A corporate security policy specifies that all devices on the network must have updated operating system patches and anti-malware software. Which technology should be used to enforce this policy?

The correct answer is D. Network Access Control (NAC). Network Access Control (NAC) is a technology that can enforce a corporate security policy by checking the compliance status of the devices that attempt to connect to the network. NAC can verify if the devices have updated operating system patches and anti-malware software, and gr

Submitted by joshua94· Mar 5, 2026Communication and Network Security

Question

A corporate security policy specifies that all devices on the network must have updated operating system patches and anti-malware software. Which technology should be used to enforce this policy?

Options

  • ANetwork Address Translation (NAT)
  • BStateful Inspection
  • CPacket filtering
  • DNetwork Access Control (NAC)

How the community answered

(63 responses)
  • A
    2% (1)
  • B
    3% (2)
  • C
    3% (2)
  • D
    92% (58)

Explanation

Network Access Control (NAC) is a technology that can enforce a corporate security policy by checking the compliance status of the devices that attempt to connect to the network. NAC can verify if the devices have updated operating system patches and anti-malware software, and grant or deny access accordingly. Option A, Network Address Translation (NAT), is a technology that can translate the IP addresses of the devices on a network, but it does not check their compliance status. Option B, Stateful Inspection, is a technology that can monitor the state and context of the network traffic, but it does not check the compliance status of the devices. Option C, Packet filtering, is a technology that can filter the network traffic based on predefined rules, but it does not check the compliance status of the devices.

Topics

#network access control#endpoint security#security policy enforcement#patch management

Community Discussion

No community discussion yet for this question.

Full CISSP Practice