CompTIA Security Plus Mock Test Q196

A security administrator is tasked with ensuring that all devices have updated virus definition files before they are allowed to access network resources. Which of the following technologies would be used to accomplish this goal?

A. NIDS
B. NAC
C. DLP
D. DMZ
E. Port Security

Correct Answer: B
Section: Network Security

Explanation:
Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies.

Incorrect Answers:
A: A network-based IDS (NIDS) is reliable for detecting network-focused attacks.
C: Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network.
D: A DMZ or demilitarized zone add an additional layer of security to an organization’s local area network (LAN).
E: Port security works at level 2 of the OSI model and allows an administrator to configure switch ports so that only certain MAC addresses can use the port.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 21, 36, 100
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 87, 157