CSA Exam CCZT Topic 4 Question 16 Discussion

Actual exam question for CSA's CCZT exam

Question #: 16
Topic #: 4

[All CCZT Questions]

At which layer of the open systems interconnection (OSI) model

does network access control (NAC) typically operate? Select the

best answer.

ALayer 6, the presentation layer

BLayer 2, the data link layer

CLayer 3, the network layer

DLayer 4, the transport layer
Network access control (NAC) typically operates at layer 2, the data link layer, of the open systems interconnection (OSI) model. The data link layer is responsible for transferring data between adjacent nodes on a network, such as switches and endpoints. NAC operates at this layer by inspecting and controlling the access of devices to the network based on their MAC addresses, device profiles, security posture, and compliance status.
Reference=Certificate of Competence in Zero Trust (CCZT) - Cloud Security Alliance,Zero Trust Training (ZTT) - Module 6: Micro-segmentation

Show Suggested Answer

Suggested Answer: B

To ensure an acceptable user experience when implementing SDP, a security architect should collaborate with IT to model and plan the user experience, client software distribution, and device onboarding processes. This is because SDP requires users to install and use client software to access the protected resources, and the user experience may vary depending on the device type, operating system, network conditions, and security policies. By modeling and planning the user experience, the security architect and IT can ensure that the SDP implementation is user-friendly, consistent, and secure.

Reference=Certificate of Competence in Zero Trust (CCZT) - Cloud Security Alliance,Zero Trust Training (ZTT) - Module 7: Network Infrastructure and SDP

by Rocco at May 17, 2024, 08:17 AM

Limited Time Offer

25%

Off

Get Premium CCZT Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Carlene

13 days ago

I thought NAC operated at the network layer, but this explanation makes sense. The data link layer is where device authentication and access control would make the most sense.

upvoted 0 times

...