What type of control does Network Access Control (NAC) represent?

Network Access Control (NAC) represents a technical control because it involves the use of technology to enforce security policies and control access to network resources. NAC systems examine the devices attempting to connect to a network and assess their compliance with security policies, such as ensuring that they have up-to-date anti-virus software or patches installed. By automatically managing access based on the status of these devices, NAC helps ensure that only compliant and secure devices can connect, thereby enhancing the overall security posture of the network.

In contrast, physical controls relate to the tangible aspects of security, such as locks and surveillance cameras. Administrative controls involve policies and procedures put in place to govern security practices, which are often less direct than technical controls. Operational controls refer to practices and tasks carried out to maintain security, such as conducting security awareness training for employees. Therefore, NAC is categorized as a technical control, as it operates through technology to manage and secure network access.