Certified Information Systems Security Professional (CISSP) — Question 326

Which of the following is the MOST effective way to ensure the endpoint devices used by remote users are compliant with an organization's approved policies before being allowed on the network?

Answer options

• A. Network Access Control (NAC)
• B. Privileged Access Management (PAM)
• C. Group Policy Object (GPO)
• D. Mobile Device Management (MDM)

Correct answer: A

Explanation

Network Access Control (NAC) is the most effective solution because it actively enforces compliance checks on devices before they connect to the network. Privileged Access Management (PAM) focuses on managing user permissions rather than endpoint compliance. Group Policy Object (GPO) is used for system configurations in a domain but does not actively enforce compliance for remote devices. Mobile Device Management (MDM) manages mobile devices but may not cover all endpoints comprehensively.