Network Access Protection can be implemented in various mechanism. One of the easiest to setup is DHCP NAP. I get this frequent question coming to me. What is the purpose of Network Access Protection? In my personal opinion, NAP is geared towards making sure the client machines you manage in your network, has the base level protection before they get exposed onto the network. It is not meant for preventing someone from getting onto the network.
Its 2 slip sides of the coin. Say you implement DHCP NAP, with the intention of protecting your clients when they get onto the network, it serves its purpose. But if you want to prevent someone from getting an IP address because he is not part of your Domain, you may want to look into Server Domain Isolation.
Anyway, not to confuse you further, the video below shows you how to configure on Windows Server 2008, the Network Policy Server and DHCP Server to achieve DHCP NAP. The steps are actually reflected in an earlier document that I have shown. You can download the full step by step document here.