I think both B and C have some good qualities, but I ma going with B.
NAC validates that the posture or state of endpoint devices complies with security policies before the devices can access protected areas of the network. For devices that comply with the security policies, NAC allows access to protected services in the network. For devices that do not comply with security policies, NAC allows access to the network only for remediation, when the posture of the device is checked again.
https://docs.genians.com/release/en/intro.html; NAC can require the use of certificates, passwords, or a combination of both before allowing network admission.
It doesn't just provide access for 'endpoints' to web apps stated so if we take that answer literally as written - it's not as correct as the only correct answer which is " NAC can require the use of certificates, passwords, or a combination of both before allowing network admission.'
B. NAC supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state.
Network Admission Control (NAC) allows organizations to assess and validate the security posture of endpoints (such as computers or devices) before granting them access to the network. It checks for compliance with security policies, up-to-date antivirus software, operating system patches, and other security requirements. Once the endpoint's security posture is verified and meets the criteria set by the organization, it is allowed to enter an authorized state and gain network access.
The benefit of using Network Admission Control (NAC) is that it supports validation of the endpoint's security posture prior to allowing the session to go into an authorized state. This means that devices attempting to access the network can be checked for compliance with security policies, such as up-to-date antivirus software or the presence of required security settings, before being granted access. This can help prevent the spread of malware and other security threats across the network.
Excluding A and D.
Option B seems not true to me, because NAC does security posture scan before authenticate the machine (not before authorize it).
I vote for C.
C is included within B, hence B is the better answer.
I.e. we can stipulate certificates and passwords as compliance conditions when checking endpoints security posture.
From rdy4u below ""Network access control (NAC)", also known as "Network Admission Control", is the process of restricting unauthorized users and devices from gaining access to a corporate or private network. NAC ensures that only users who are authenticated and devices that are authorized and compliant with security policies can enter the network.
https://www.fortinet.com/resources/cyberglossary/what-is-network-access-control"
"Network access control (NAC)", also known as "Network Admission Control", is the process of restricting unauthorized users and devices from gaining access to a corporate or private network. NAC ensures that only users who are authenticated and devices that are authorized and compliant with security policies can enter the network.
https://www.fortinet.com/resources/cyberglossary/what-is-network-access-control
Nah, C is a authentication server, think Microsoft NPS, Cisco ISE, FortiAuthenticator. A NAC is all about ensuring devices meet a base level of compliance before gaining access to the network. Cisco ISE, for example, has RADIUS and TACAC functionality for Certificate/Password based authentication, and it also has a NAC function (requires Advantage/Premier Licensing) which enables it to determine the devices posture, which it can then use as part of its authentication and authorization processes. It's B.
NAC is a generic term for a solution that selectively grants network access to devices based on one or more criteria. Those criteria could be based on authentication (only authorized users are granted access to the network), security posture (only devices with up-to-date operating systems and antivirus software can connect), or any number of other criteria (device manufacturer, employee access level, etc).
upvoted 4 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
stickerbush1970
Highly Voted 2 years, 2 months agojackdryan
1 year, 6 months agoCww1
Highly Voted 2 years, 2 months agoCCNPWILL
Most Recent 5 months, 3 weeks agoMP26
7 months agoGuardianAngel
9 months, 3 weeks agoYesPlease
11 months, 1 week agoSoleandheel
11 months, 2 weeks agoinvincible96
1 year, 8 months agoDee83
1 year, 10 months agoCessar
1 year, 10 months agooudmaster
1 year, 11 months agoBP_lobster
1 year, 12 months ago254Tech
2 years agordy4u
2 years agoHumongous1593
2 years, 1 month ago[Removed]
2 years agoCuteRabbit168
2 years, 1 month ago