An organization wants to design a new environment in multiple segments. The design calls for minimal external exposure, plus direct communication between shared resources without routing through outside services. Which option best satisfies these network goals?
Use addresses hidden from outside networks, employ an internal load distribution method for inter-segment communication, and direct external requests through a single entry path
Assign unique external addresses to each segment, block inbound paths, and route inter-segment traffic with a NAT device
Provide addresses from a shared external domain, add inbound and outbound rules for each segment, and use NAT devices in every group
Configure addresses from an outside pool for faster deployment, keep inter-segment routing open, and rely on an external firewall for inbound connections
The correct solution uses addresses that are not exposed outside, keeps inbound access to a single route, and handles traffic among segments with an internal distribution mechanism. This aligns with minimizing public exposure and reducing complexity. The other options involve more external interference, multiple NAT layers, or expanded public addresses, increasing risk or operational overhead.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why are addresses hidden from outside networks important for this design?
Open an interactive chat with Bash
What is an internal load distribution method, and why is it used in this network design?
Open an interactive chat with Bash
Why is a single entry path for external requests preferable in this scenario?