nerdexam
ExamsCV0-003Questions#259
CompTIA

CV0-003 · Question #259

CV0-003 Question #259: Real Exam Question with Answer & Explanation

The correct answer is A: Virtual Local Area Networks. VLANs logically segment a network at Layer 2, allowing an organization to isolate Internet-facing traffic from internal network traffic using a single physical infrastructure.

Security

Question

Which of the following would allow separation between the Internet and the internal network of a company?

Options

  • AVirtual Local Area Networks
  • BReview Audit Logs
  • CReview System Logs
  • DDemilitarized zone

Explanation

VLANs logically segment a network at Layer 2, allowing an organization to isolate Internet-facing traffic from internal network traffic using a single physical infrastructure.

Common mistakes.

  • B. Reviewing audit logs is a detective control that records events after they occur and provides no technical barrier or network separation between the Internet and internal systems.
  • C. Reviewing system logs offers visibility into system activity but creates no network-level boundary and cannot enforce separation between Internet and internal traffic.
  • D. A DMZ describes a network zone architecture placed between two firewalls, but it is the result of a design decision rather than the specific mechanism (such as a VLAN) that enforces the logical separation itself.

Concept tested. VLAN-based network segmentation for perimeter isolation

Reference. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/vlans.html

Topics

#DMZ#network segmentation#perimeter security#Internet isolation

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CV0-003 Practice