Company A permits visiting business partners from Company B to utilize Ethernet ports available in Company A’s conference rooms. This access is provided to allow partners the ability to establish VPNs back to Company B’s network. The security architect for Company A wants to ensure partners from Company B are able to gain direct Internet access from available ports only, while Company A employees can gain access to the Company A internal network from those same ports. Which of the following can be employed to allow this?
A. ACL
B. SIEM
C. MAC
D. NAC
E. SAML
CS0-002: CompTIA CySA+ ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
D is correct John. The requirement is for company B to access internet ONLY from the ethernet ports but Company A should be able to access the internal network. The ACLs wont be able to distinguish between company A and company B user. NAC can.
Wrong answer. Right answer is A. Why? Because NAC is much more expensive and complicated to configure. On the other hand, it is easy and not expensive to allow partners from company B to have gain direct access to Internet and blocking them form having access to the intranet if we configure the ACL (Firewall and/or Router) accordingly.