The best answer is A. Access lists.
To ensure that only authorized devices can enter or connect to an environment, the organization needs a control that explicitly allows approved devices and denies unapproved ones. Access lists are used to define which devices, systems, or addresses are permitted access.
This can include allowlists based on:
device identifiers
MAC addresses
IP addresses
approved system entries
predefined access control rules
Why the other options are incorrect:
B. Remote connectionThis is a method of connecting, not a control that determines which devices are authorized.
C. Screened subnetsA screened subnet helps separate public-facing systems from internal systems, but it does not directly ensure only authorized devices can enter.
D. Centralized proxyA proxy mediates traffic requests, but it is not the primary control for allowing only authorized devices into an environment.
From a Security+ perspective, restricting access to only approved devices is best aligned with allow/deny rules through access lists, so A is the strongest answer.
