As a network architect, you have been asked to design a network infrastructure for a financial services provider that requires extremely high levels of security due to the sensitive nature of the data being processed. The client also demands that certain systems must remain operational and isolated even in the event of a catastrophic network failure. Which of the following solutions would BEST meet these requirements?
Creating logical segmentation of the network using VLANs
Implementing an air-gapped network for those critical systems
Implementing a Virtual Private Network (VPN) for all internal communications
Deploying an Intrusion Prevention System (IPS) throughout the network
An air-gapped network is the best solution for ensuring high security and operational isolation as it is a physical isolation technique that completely separates the critical systems from unsecured networks, preventing any form of external access or data breach. Logical segmentation, while useful, doesn't offer physical isolation and can be bypassed if the network is compromised. A Virtual Private Network (VPN) provides secure remote access but does not address the requirement for physical isolation of the system. Using an Intrusion Prevention System (IPS) will add a layer of security but does not create isolated operational systems.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an air-gapped network and how does it enhance security?
Open an interactive chat with Bash
What are VLANs and how do they differ from an air-gapped network?
Open an interactive chat with Bash
What roles do VPNs and IPS play in network security?