nerdexam
(ISC)2

CISSP · Question #1303

Which of the following BEST describes the use of network architecture in reducing corporate risks associated with mobile devices?

The correct answer is C. Segmentation and demilitarized zone (DMZ) monitoring are implemented to secure a virtual. This question tests understanding of how network architecture principles like segmentation and DMZ monitoring are used to reduce risks from mobile devices in an enterprise environment.

Submitted by javi_es· Mar 5, 2026Communication and Network Security

Question

Which of the following BEST describes the use of network architecture in reducing corporate risks associated with mobile devices?

Options

  • AMaintaining a closed applications model on all mobile devices depends on demilitarized Zone
  • BSplit tunneling enabled for mobile devices improves demilitarized zone (DMZ) security posture
  • CSegmentation and demilitarized zone (DMZ) monitoring are implemented to secure a virtual
  • DApplications that manage mobile devices are located in an Internet demilitarized zone (DMZ)

How the community answered

(26 responses)
  • A
    4% (1)
  • B
    8% (2)
  • C
    73% (19)
  • D
    15% (4)

Why each option

This question tests understanding of how network architecture principles like segmentation and DMZ monitoring are used to reduce risks from mobile devices in an enterprise environment.

AMaintaining a closed applications model on all mobile devices depends on demilitarized Zone

A closed application model is an endpoint management policy, not a network architecture control, and it has no functional dependency on a DMZ.

BSplit tunneling enabled for mobile devices improves demilitarized zone (DMZ) security posture

Split tunneling actually reduces DMZ security posture by allowing mobile device traffic to bypass the corporate network inspection path, increasing risk rather than reducing it.

CSegmentation and demilitarized zone (DMZ) monitoring are implemented to secure a virtualCorrect

Segmentation divides the network into isolated zones so that compromised mobile devices cannot freely access sensitive corporate resources, limiting lateral movement. Combined with DMZ monitoring, traffic from mobile devices is inspected and controlled at a security boundary before reaching internal systems. This layered approach directly addresses corporate risk by containing threats originating from mobile endpoints within a virtualized or segmented network environment.

DApplications that manage mobile devices are located in an Internet demilitarized zone (DMZ)

Placing mobile device management (MDM) applications in an internet-facing DMZ exposes management infrastructure to external threats, which increases corporate risk rather than reducing it.

Concept tested: Network segmentation and DMZ monitoring for mobile device risk

Source: https://learn.microsoft.com/en-us/azure/architecture/framework/security/network-segmentation

Topics

#network segmentation#DMZ#mobile device security#network architecture

Community Discussion

No community discussion yet for this question.

Full CISSP Practice