CompTIA Security Plus Mock Test Q201

An organization has three divisions: Accounting, Sales, and Human Resources. Users in the Accounting division require access to a server in the Sales division, but no users in the Human Resources division should have access to resources in any other division, nor should any users in the Sales division have access to resources in the Accounting division.Which of the following network segmentation schemas would BEST meet this objective?

A. Create two VLANS, one for Accounting and Sales, and one for Human Resources.
B. Create one VLAN for the entire organization.
C. Create two VLANs, one for Sales and Human Resources, and one for Accounting.
D. Create three separate VLANS, one for each division.


Correct Answer: D
Section: Network Security

Explanation:
A virtual local area network (VLAN) is a hardware-imposed network segmentation created by switches. Communications between ports within the same VLAN occur without hindrance, but communications between VLANs require a routing function.

Incorrect Answers:
A: The question states that users in the Sales division should not have access to resources in the Accounting division. Because communications between ports within the same VLAN
occur without hindrance, this answer would allow the Sales division access to resources in the Accounting division.
B: The question states that no users in the Human Resources division should have access to resources in any other division, nor should any users in the Sales division have access to
resources in the Accounting division. this answer would not meet those requirements because communications between ports within the same VLAN occur without hindrance.
C: The question states that users in the Human Resources division should not have access to resources in any other division. Because communications between ports within the same
VLAN occur without hindrance, this answer would allow the Human Resources division access to resources in the Sales division.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 23