Exam SY0-701 topic 1 question 486 discussion

The correct answer is: B. Compliance attestation Explanation: Compliance attestation is the best step for the security team to perform before allowing guest devices to access corporate resources. It involves ensuring that the devices meet specific security requirements or policies (e.g., having up-to-date antivirus software, applying security patches, or configuring firewalls). This is an essential part of network access control (NAC) and helps ensure that devices are compliant with the company's security standards before granting access to sensitive resources.

Before allowing guest devices access to corporate resources, the security team should perform compliance attestation. Compliance attestation involves verifying that the guest device meets the organization's security policies and standards. This typically includes checks such as: Antivirus software: Is antivirus software installed and updated? Firewall: Is a firewall enabled and configured correctly? Operating system updates: Is the operating system up-to-date with the latest security patches? Other security controls: Does the device meet other security requirements, such as strong passwords and encryption? By performing compliance attestation, the security team can ensure that guest devices do not pose a significant security risk to the corporate network before granting them access to critical resources.

Device fingerprinting. This means checking the type of device, its settings, and its software to make sure it’s a legitimate and safe device. It helps identify risky devices and prevent them from accessing sensitive company systems.