CISSP · Question #1303
Which of the following BEST describes the use of network architecture in reducing corporate risks associated with mobile devices?
The correct answer is C. Segmentation and demilitarized zone (DMZ) monitoring are implemented to secure a virtual. This question tests understanding of how network architecture principles like segmentation and DMZ monitoring are used to reduce risks from mobile devices in an enterprise environment.
Question
Which of the following BEST describes the use of network architecture in reducing corporate risks associated with mobile devices?
Options
- AMaintaining a closed applications model on all mobile devices depends on demilitarized Zone
- BSplit tunneling enabled for mobile devices improves demilitarized zone (DMZ) security posture
- CSegmentation and demilitarized zone (DMZ) monitoring are implemented to secure a virtual
- DApplications that manage mobile devices are located in an Internet demilitarized zone (DMZ)
How the community answered
(26 responses)- A4% (1)
- B8% (2)
- C73% (19)
- D15% (4)
Why each option
This question tests understanding of how network architecture principles like segmentation and DMZ monitoring are used to reduce risks from mobile devices in an enterprise environment.
A closed application model is an endpoint management policy, not a network architecture control, and it has no functional dependency on a DMZ.
Split tunneling actually reduces DMZ security posture by allowing mobile device traffic to bypass the corporate network inspection path, increasing risk rather than reducing it.
Segmentation divides the network into isolated zones so that compromised mobile devices cannot freely access sensitive corporate resources, limiting lateral movement. Combined with DMZ monitoring, traffic from mobile devices is inspected and controlled at a security boundary before reaching internal systems. This layered approach directly addresses corporate risk by containing threats originating from mobile endpoints within a virtualized or segmented network environment.
Placing mobile device management (MDM) applications in an internet-facing DMZ exposes management infrastructure to external threats, which increases corporate risk rather than reducing it.
Concept tested: Network segmentation and DMZ monitoring for mobile device risk
Source: https://learn.microsoft.com/en-us/azure/architecture/framework/security/network-segmentation
Topics
Community Discussion
No community discussion yet for this question.