*Network Access Control (NAC)
X systems can be used to authenticate users, and then validate their system's compliance with a security standard before they are allowed to connect to the network. Enforcing security profiles can help reduce zero-day attacks, making NAC a useful solution. A firewall can't enforce system security policies, whereas an IDS can only monitor for attacks and alarm when they happen. Thus neither a firewall nor an IDS meets Kolin's needs. Finally, port security is a MAC address-based security feature that can only restrict which systems or devices can connect to a given port.
Alternate answers seen on other CBTs
The same question shows up worded slightly differently across CBT versions. Here are the other answer variants we've indexed.
Software agents can further be classified as either permanent or dissolvable. A permanent agent stays on the device indefinitely—a dissolvable agent is removed once the device is authenticated.
Comptia Certmaster Ce Security+ →inline sensor is inserted into a network segment so that the traffic that it is monitoring must pass through the sensor. A passive sensor monitors a copy of network traffic; the actual traffic does not pass through the device
Comptia Exam Objectives Security+ →You have a role in your organization - Manager, director, team lead, project manager Administrators provide access based on the role of the user - Rights are gained implicitly instead of explicitly In Windows, use Groups to provide role-based access control - You are in shipping and receiving so you can use the shipping software - You are the manager, so you can review shipping logs
Comptia Sec Plus Objectives →- Evaluates system security status before connecting to the network - Anti-virus status - System update level - Configuration settings - Software firewall enabled
Comptia Security+ Study Guide →