Comptia Security Plus Mock Test Q81

A computer is put into a restricted VLAN until the computer’s virus definitions are up-to-date. Which of the following BEST describes this system type?

A. NAT
B. NIPS
C. NAC
D. DMZ

Correct Answer: C
Section: Network Security

Explanation:
Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/ reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control.

Incorrect Answers:
A: NAT serves as a basic firewall by only allowing incoming traffic that is in response to an internal system’s request.
B: Network-based intrusion prevention system (NIPS) monitors the entire network for suspicious traffic by analyzing protocol activity.
D: A demilitarized zone (DMZ) is an area of a network that is designed specifically for public users to access.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 39, 40
http://en.wikipedia.org/wiki/Intrusion_prevention_system