Home > Articles > Cisco Network Technology > General Networking > NAC Solution and Technology Overview

NAC Solution and Technology Overview

Chapter Description

Unpatched end-host systems, out-of-date antivirus signatures, and disabled or nonexistent personal firewalls all weaken the internal security of corporate networks and make them vulnerable to data theft and attacks. Network Admission Control (NAC) is a multipart solution that validates the security posture of the endpoint before admitting it on the network. This sample chapter provides an overall review of the NAC Framework solution.

Review Questions

You can find the answers to the review questions in Appendix A, "Answers to Review Questions."

  1. Which of the following is a required component of NAC?

    1. Remediation server
    2. Antivirus server
    3. Cisco Security Agent
    4. Cisco Secure Access Control Server
  2. What is the posture-enforcement method for NAC-L3-IP?

  3. What is the posture-enforcement method for NAC-L2-802.1X?

  4. NAC-L3-IP and NAC-L2-IP use which of the following protocols to secure the communication between the endpoint and Cisco Secure ACS?

    1. EAP over UDP
    2. EAP-FAST
    3. 77RADIUS
    4. PEAP
  5. The network-access device uses what protocol to send NAC-related messages to Cisco Secure ACS?

    1. EAP over UDP
    2. EAP-FAST
    3. RADIUS
    4. PEAP
  6. The VPN 3000 concentrator and the ASA and PIX security appliances support NAC on which of the following:

    1. Remote-access IPSec and L2TP over IPSec connections
    2. Remote-access and LAN-to-LAN IPSec connections
    3. Remote-access PPTP and L2TP over IPSec connections
    4. Remote-access IPSec connections only