Security+ 5.7.3 Section Quiz
Which of the following NAC agent types would be used for IoT devices?
Agentless - An agentless agent is on the domain controller. When the user logs into the domain, it authenticates with the network. Agentless NAC is often used when there is limited disk space, such as for Internet of Things (IoT) devices.
Which of the steps in the Network Access Control (NAC) implementation process occurs once the policies have been defined?
Apply - The third step in implementing NAC is to apply the policies. This occurs after the policies have been defined.
Which of the following defines all the prerequisites a device must meet in order to access a network?
Authentication - Authentication defines all the prerequisites a device must meet in order to access a network. These criteria are detailed for such things as anti-malware, OS, and patch level.
Which of the following applies the appropriate policies in order to provide a device with the access it's defined to receive?
Authorization - Authorization looks at the authentication information and applies the appropriate policies in order to provide a device with the access it's defined to receive.
Which of the following NAC agent types creates a temporary connection?
Dissolvable - A dissolvable agent is downloaded, or a temporary connection is established. The agent is removed once the user is done with it. The user has to download or connect to the agent again if it is needed.
What is Cisco's Network Access Control (NAC) solution called?
Identity Services Engine (ISE) - Network Access Control (NAC) is not a product; it is a process. Many companies implement products that utilize the NAC process. Cisco's solution is called Identity Services Engine (ISE).
You are configuring the security settings for your network. You have decided to configure a policy that requires any computer connecting to the network to run at least Windows 10 version 2004. Which of the following have you configured?
NAC - Network Access Control (NAC) is a policy-driven control process that allows or denies network access to devices connecting to a network. For example, you may want to have policies that require connecting devices to meet certain criteria, such as having a particular version of Windows, the latest antivirus definitions, or Windows Firewall enabled.
Which of the following BEST describes zero-trust security?
Only devices that pass both authentication and authorization are trusted - Network Access Control (NAC) is usually accomplished using a two-stage process of authentication and authorization. If the requirements for either of these stages is not met, the access request is denied. This if often referred to as zero-trust security, meaning nothing is trusted unless it can pass both the authentication and authorization stages.
Which of the following NAC agent types is the most convenient agent type?
Permanent - A permanent agent resides on a device permanently. This is the most convenient agent since it does not have to be renewed and can always run on the device. It is also known as a persistent agent.
You are part of a committee that is meeting to define how Network Access Control (NAC) should be implemented in the organization. Which step in the NAC process is this?
Plan - Planning is the first step in the NAC implementation process. In this step, a committee should convene and make decisions that define how NAC should work.