CompTIA Security+ (SY0-601) — Question 315

Unauthorized devices have been detected on the internal network. The devices' locations were traced to Ethernet ports located in conference rooms. Which of the following would be the best technical controls to implement to prevent these devices from accessing the internal network?

Answer options

• A. NAC
• B. DLP
• C. IDS
• D. MFA

Correct answer: A

Explanation

The best control in this situation is NAC (Network Access Control), as it can enforce policies to restrict unauthorized devices from accessing the network. DLP (Data Loss Prevention) focuses on data security rather than network access, IDS (Intrusion Detection System) monitors for security threats but does not prevent access, and MFA (Multi-Factor Authentication) secures user access rather than controlling device connections.