During an assessment of a company's environment, a tester finds that crucial data-processing machines and user endpoints reside in the same broadcast domain. Leadership seeks a method that limits unauthorized traversal between these machines. Which measure accomplishes this goal?
Place the critical servers into separate VLANs with defined traffic rules
Apply operating system updates to all devices
Disable the visibility of wireless network names
Deploy host-level security solutions across all devices
Isolating critical systems into their own VLANs with specific rules helps compartmentalize traffic and reduce unauthorized system-to-system movement. Adding local firewalls on endpoints offers additional security but does not address the need to separate traffic across the network. Turning off SSID broadcast affects wireless visibility but does not stop lateral movement once devices are connected. Applying patches maintains system security but does not divide the network in a way that prevents undesired cross-system access.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is a VLAN, and why is it useful for network segmentation?