Unauthorized Device Access Prevention

C.

The BEST preventive control to manage the risk of unauthorized device access to a network would be to keep an inventory of network and hardware addresses of all systems connected to the network. Option A is the most effective preventive control as it involves the proactive management of devices on the network.

Keeping an inventory of network and hardware addresses of all systems connected to the network allows an organization to identify and monitor all devices that are connected to the network. This information can then be used to manage the access of these devices, ensuring that only authorized devices are allowed access to the network. By proactively monitoring the devices on the network, an organization can detect any unauthorized access attempts and take appropriate action to prevent further unauthorized access.

Option B, installing a stateful inspection firewall to prevent unauthorized network traffic, is a reactive measure rather than a preventive control. While a firewall can help to prevent unauthorized access attempts, it does not address the root cause of the problem, which is the unauthorized devices on the network.

Option C, implementing network-level authentication and login to regulate access of devices to the network, is also a reactive measure. While it can help to regulate access to the network, it does not address the root cause of the problem, which is the unauthorized devices on the network.

Option D, deploying an automated asset inventory discovery tool to identify devices that access the network, is a good measure to identify devices that are accessing the network. However, it does not prevent unauthorized access attempts and is therefore not a preventive control.

In conclusion, the BEST preventive control to manage the risk of unauthorized device access to a network is to keep an inventory of network and hardware addresses of all systems connected to the network.