A network administrator is trying to set up network security so that only trusted devices have network access. What solution should the administrator set up?

The solution that a network administrator should set up to ensure that only trusted devices have network access is Network Access Control (NAC). NAC solutions are designed to enforce security policies on devices that attempt to connect to the network.

By implementing NAC, the administrator can define which devices meet specific security criteria, such as up-to-date antivirus software or required operating system patches before granting network access. This mechanism helps to prevent unauthorized or vulnerable devices from interacting with sensitive network resources, thus enhancing overall security.

NAC systems often utilize various techniques, including device authentication, user authentication, and compliance checks, to ensure that only devices that meet the organization's established security standards can access the network. This is essential for maintaining a secure networking environment, particularly in workplaces where a mix of personal and corporate devices may be present.

Other options, while important in their own right, do not specifically address the requirement for restricting access based solely on device trustworthiness. A VPN, for instance, allows secure remote access but does not inherently manage device trust. DNSSEC is focused on securing DNS queries to prevent spoofing, and a Next-Generation Firewall (NGFW) provides advanced threat detection and traffic filtering but lacks the comprehensive device verification capabilities of NAC.