ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 427 discussion

Actual exam question from ISC's CISSP
Question #: 427
Topic #: 1
[All CISSP Questions]

A large law firm would like to enable employees to participate in a bring your own device (BYOD) program. Only devices with up-to-date antivirus and operating system (OS) patches will be allowed on the network. Which solution will BEST enforce the security requirements?

  • A. Endpoint Detection and Response
  • B. Next-Generation Firewall
  • C. Intrusion detection and prevention system (IDPS)
  • D. Network Access Control (NAC)
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Delab202 at April 2, 2023, 1:41 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ServerBrain
1 week, 2 days ago
Selected Answer: D
D. Network Access Control (NAC)
upvoted 1 times
...
Soleandheel
9 months, 1 week ago
The solution that will BEST enforce the security requirements for a bring your own device (BYOD) program, where only devices with up-to-date antivirus and operating system (OS) patches are allowed on the network, is: D. Network Access Control (NAC). Network Access Control (NAC) is specifically designed for controlling and managing access to a network based on various security policy requirements.
upvoted 2 times
...
InclusiveSTEAM
11 months, 1 week ago
D NAC can check device health state and compliance with security policies before allowing network access. It can verify antivirus, OS patching level, and other desired posture criteria are met. Non-compliant devices can be denied access or quarantined. The other options cannot enforce these pre-connection access controls: A) Endpoint Detection and Response validates and responds to threats post-access but does not restrict initial network admission. B) Next-Generation Firewalls filter traffic but do not validate BYOD device state upfront. C) IDS/IPS monitors traffic but does not authenticate and authorize devices.
upvoted 2 times
...
Tygrond87
1 year, 4 months ago
how are you going to enforce policy on a BYOD ?
upvoted 1 times
jackdryan
1 year, 4 months ago
D is correct
upvoted 2 times
...
...
Delab202
1 year, 5 months ago
Selected Answer: D
Network access control (NAC) is a security solution that enforces policy on devices that access networks to increase network visibility and reduce risk
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago