CompTIA CySA+ CS0-003 Practice Question
A cybersecurity analyst is tasked with enhancing the security defenses of an on-premises data center. While reviewing the network design documents, the analyst notices several legacy systems that rely on communication with external partners. Given that all external connections must pass stringent security requirements, which of the following solutions is BEST suited for securely managing these connections?
Implementing a Data Loss Prevention (DLP) solution that prevents sensitive information from being transmitted to external networks.
Creating separate Virtual Local Area Networks (VLANs) for each type of legacy system to minimize potential lateral movement.
Setting up a Demilitarized Zone (DMZ) that isolates the legacy systems while allowing secure communication with external partners.
Deploying a Network Access Control (NAC) system that restricts legacy system communications based on policy compliance.