Which of the following would be the BEST design choice when segmenting a network to ensure that a company's highly sensitive research and development data has stringent access control measures and dedicated surveillance mechanisms?
Configuring a Public Security Zone with selective access permissions to support the necessary connectivity.
Deploying an Isolated Security Zone specifically for the research and development data, with rigorous access controls and monitoring.
Assigning the research and development servers to an Internal Zone used by the majority of the internal corporate services.
Developing a perimeter network tailored for devices that must be accessible from both internal and external networks.
A Public Security Zone is typically less secure and intended for providing services to untrusted networks; thus, it is not suited for sensitive data. A perimeter network, commonly known as a DMZ, has controlled access but is still more exposed as it often hosts services accessible by untrusted networks, which is not ideal for highly sensitive data. An Internal Zone generally hosts internal services but doesn’t imply the degree of strict access control and dedicated surveillance needed for high-security areas. The correct choice, an Isolated Security Zone, is designed for highly sensitive or critical assets that require stringent access control and monitoring to prevent unauthorized access and provide strong protection against potential security breaches.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an Isolated Security Zone?
Open an interactive chat with Bash
Why is a Public Security Zone not suitable for sensitive data?
Open an interactive chat with Bash
What distinguishes an Internal Zone from an Isolated Security Zone?