Network Security/5.7 Network Access Control
What is an NAC agent? What types of NAC agents are available?
Specific software designed solely for doing a health check 3 Types of NAC agents: 1. permanent (= persistent agent): The agent resides on a device permanently. The most convenient agent. 2. dissolvable: The agent is downloaded or established temporarily. Is removed once the user is done with it. 3. agentless: The agent is on the domain controller. When the user logs into the domain, it authenticates with the network. Agentless NAC is often used when there is limited disk space, such as for Internet of Things(IoT) devices
Which of the following applies the appropriate policies in order to provide a device with the access it's defined to receive?
authorization
Which of the following NAC agent types creates a temporary connection?
dissolvable
What are the four steps of the NAC process?
1. Plan: define how NAC should work 2. Define: The role, identities, and permissions(policies) are defined 3. Apply: the policies must be applied 4. Review/Revise: Be reviewed to determine whether changes are required
Which of the following NAC agent types is the most convenient agent type?
Permanent
Which of the steps in the Network Access Control (NAC) implementation process occurs once the policies have been defined?
Apply
Bring your own device (BYOD)
A policy that allows an employee to use a personal device such as a laptop computer or ipad to connect to the organization's network to accomplish daily work tasks
What are the two stages in the network access control (NAC) process?
1. authentication: defines all the prerequisites a device must meet in to access the network 2. authorization looks at the authentication information and applies the appropriate policies to provide the device with the access it's defined to receive
Which of the following NAC agent types would be used for IoT devices?
Agentless
Which of the following defines all the prerequisites a device must meet in order to access a network?
Authenticate
What is Cisco's Network Access Control (NAC) solution called?
Identity Services Engine (ISE)
You are configuring the security settings for your network. You have decided to configure a policy that requires any computer connecting to the network to run at least Windows 10 version 2004. Which of the following have you configured?
NAC
How do remediation servers and auto-remediation help clients become compliant?
NAC is integrated with automatic remediation systems and helps bring a computer into compliance when NAC discovers missing requirements
NAC
Network Access Control A policy-driven control process (NOT a product) that allows or denies network access to devices connecting to a network ISE from Cisco, NAP from Microsoft -> products that utilize the NAC process
Which of the following BEST describes zero-trust security?
Only devices that pass both authentication and authorization are trusted.
You are part of a committee that is meeting to define how Network Access Control (NAC) should be implemented in the organization. Which step in the NAC process is this?
Plan