CompTIA
CV0-003 · Question #470
CV0-003 Question #470: Real Exam Question with Answer & Explanation
The correct answer is B: VLAN. VLANs logically segment a software-defined network so that the new department can reach sales and financial systems while being blocked from HR systems through access control at VLAN boundaries.
Cloud Architecture and Design
Question
A company wants to set up a new department using private cloud resources. The new department needs access to sales and financial data, but it should be prohibited from accessing human resources data. Which of the following is the BEST option to configure on the virtual (software-defined) network to meet these requirements?
Options
- AVSAN
- BVLAN
- CGRE
- DVPN
Explanation
VLANs logically segment a software-defined network so that the new department can reach sales and financial systems while being blocked from HR systems through access control at VLAN boundaries.
Common mistakes.
- A. VSAN (Virtual Storage Area Network) is a technology for pooling and virtualizing storage resources across hosts, not a mechanism for controlling network-level access between organizational departments.
- C. GRE (Generic Routing Encapsulation) is a tunneling protocol used to encapsulate one protocol inside another for transport across networks, and does not provide the logical segmentation or access control needed to restrict departmental data access.
- D. VPN creates encrypted tunnels for secure remote or site-to-site connectivity but does not segment an internal virtual network or provide the intra-environment access controls needed to isolate one department from a specific data set.
Concept tested. VLAN segmentation for departmental data access control
Reference. https://www.cisco.com/c/en/us/tech/lan-switching/vlan/index.html
Topics
#VLAN#network segmentation#software-defined networking#access control
Community Discussion
No community discussion yet for this question.