Which approach provides the best way to isolate internal systems and reduce sideways movement in an e-commerce environment handling sensitive transactions?
Gather servers behind a single load balancer with dynamic filtering
Partition the environment into smaller zones and apply tailored rules
Encrypt data between user devices and a central router
Splitting systems into smaller segments with specific rules restricts what an intruder can access if they breach one component. Adding a firewall to key VLANs helps isolate larger sections, but it may not divide internal resources enough. Encrypting traffic to one router protects data as it travels but does not stop threats spreading to other internal segments. Consolidating servers behind a single load balancer with dynamic filtering applies overarching traffic controls rather than detailed segmentation policies.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is network segmentation, and why is it important for security?
Open an interactive chat with Bash
Why does deploying a firewall at key VLANs not work as effectively as segmentation?
Open an interactive chat with Bash
What are common tailored rules applied in network segmentation?