An organization handling highly classified information needs to ensure that a critical server cannot communicate with any external networks to prevent unauthorized access or data leaks. Which of the following strategies best meets this requirement?
An air-gapped system is one that is physically isolated from all other networks, including the Internet. This physical separation ensures that no data can enter or leave the system electronically, providing maximum security for sensitive information. Enabling a host-based firewall can control incoming and outgoing traffic but does not prevent network connectivity. Using network segmentation with VLANs separates network traffic logically but still allows communication over the network infrastructure. Deploying an Intrusion Detection System (IDS) helps monitor and detect suspicious activities but does not prevent network access or isolate the server from external networks.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an air-gapped system and how does it enhance security?
Open an interactive chat with Bash
What are the limitations of using a host-based firewall?
Open an interactive chat with Bash
How does network segmentation with VLANs work, and what are its shortcomings?