nerdexam
CompTIA

CV0-003 · Question #592

A company has decided to get multiple compliance and security certifications for its public cloud environment. However, the company has few staff members to handle the extra workload, and it has limit

The correct answer is D. NAC. NAC automates device and user compliance enforcement, reducing the manual workload for understaffed teams and enabling rapid alignment with security certification requirements without requiring deep infrastructure knowledge.

Security

Question

A company has decided to get multiple compliance and security certifications for its public cloud environment. However, the company has few staff members to handle the extra workload, and it has limited knowledge of the current infrastructure. Which of the following will help the company meet the compliance requirements as quickly as possible?

Options

  • ADLP
  • BCASB
  • CFIM
  • DNAC

How the community answered

(33 responses)
  • A
    6% (2)
  • B
    3% (1)
  • C
    9% (3)
  • D
    82% (27)

Why each option

NAC automates device and user compliance enforcement, reducing the manual workload for understaffed teams and enabling rapid alignment with security certification requirements without requiring deep infrastructure knowledge.

ADLP

DLP (Data Loss Prevention) monitors and restricts data movement to prevent exfiltration but does not automate or accelerate the broader access compliance requirements needed for security certifications.

BCASB

CASB (Cloud Access Security Broker) improves visibility and policy enforcement for cloud application usage but is primarily focused on sanctioned/unsanctioned SaaS governance rather than rapidly enforcing endpoint and user compliance across the full environment.

CFIM

FIM (File Integrity Monitoring) detects unauthorized file and configuration changes to support compliance audits, but it is a detective control that requires existing infrastructure knowledge to configure meaningfully and does not reduce staff workload for certification readiness.

DNACCorrect

Network Access Control (NAC) automatically validates that all devices and users meet predefined security and compliance policies before granting network access, enforcing baseline controls required by frameworks like PCI DSS and ISO 27001 with minimal staff intervention. Because NAC operates as a policy enforcement point rather than requiring administrators to audit each system individually, it accelerates compliance readiness even when infrastructure knowledge is limited. This automation-first approach makes it the fastest path to satisfying multiple compliance requirements simultaneously with a small team.

Concept tested: NAC automation for rapid compliance certification

Topics

#cloud compliance#security certifications#NAC#cloud security posture

Community Discussion

No community discussion yet for this question.

Full CV0-003 Practice