CISSP Question #409: Real Exam Question with Answer & Explanation

The correct answer is B: Implement a bastion host. A bastion host is a hardened system that acts as a gateway between a secure environment and an untrusted network, such as the internet. A bastion host can be used to maintain network separation from a secure environment while allowing remote users to work in the secure environmen

Submitted by fernanda_arg· Mar 5, 2026Communication and Network Security

Question

How can a security engineer maintain network separation from a secure environment while allowing remote users to work in the secure environment?

Options

AUse a Virtual Local Area Network (VLAN) to segment the network
BImplement a bastion host
CInstall anti-virus on all enceinte
DEnforce port security on access switches

Explanation

A bastion host is a hardened system that acts as a gateway between a secure environment and an untrusted network, such as the internet. A bastion host can be used to maintain network separation from a secure environment while allowing remote users to work in the secure environment, by providing controlled access and logging services. A bastion host can also implement additional security measures, such as encryption, authentication, and firewalls, to protect the communication and data.

Topics

#network segregation#bastion host#remote access

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions