Network Access Control 2.1

Question 1

Edge vs. Access Control

Answer 1

Edge is security at the firewall, the edge of your network. Access control, controls outside and inside your network. You can set many rules such as access based on user, group, location, app, etc. It can be easily revoked or changed as necessary.

Question 2

BYOD Policy (Bring Your Own Device)

Answer 2

Inherent risks. You don’t know what is on everyone’s devices. Controls include performing health checks before providing access (posture assessment). This checks various things such as what is installed on the device, is it mobile, disk encryption, OS, etc.

Question 3

Health Check/Posture Assessment

Answer 3

Multiple methods to accomplish. Persistent Agents, Dissolvable Agents, Agentless NAC.

Question 4

Persistent Agent

Answer 4

Permanent agent software installed on the device. Requires software updates.

Question 5

Dissolvable Agent

Answer 5

No software. Runs when device is authenticating. Software runs on device, and when it passes, it deletes itself.

Question 6

Agentless NAC (Network Access Control)

Answer 6

Occurs when the device logs in, and logs out. Can not be scheduled.

Question 7

Failing Assessment

Answer 7

Tells you why your device did not pass. You are notified why you did not pass, and then you are put on a quarantine network with just enough access to fix the issues. Once resolved, you go through checks again. If you fail, you are put back on the quarantine network to continue resolving.